EU's bold cyber shift: Balancing defense with offensive capabilities
The European Union is pushing for greater control over its data and technology to cut reliance on foreign suppliers. A new focus on cyber capabilities has emerged, with calls to develop both defensive and offensive strategies. Officials argue this shift will strengthen Europe's security and independence in key industries.
In December 2022, the European Commission's defence white paper highlighted the need for stronger cyber defences. It also stressed the importance of building offensive cyber tools to match defensive efforts. Executive Vice President Henna Virkkunen later reinforced this stance, arguing that offensive capabilities were essential for a balanced cybersecurity strategy.
Some EU countries are now warming to the idea of offensive cyber operations. Germany and Latvia have shown growing openness, though neither has publicly confirmed support. Germany is even preparing legislative changes to allow such actions. However, no member state has officially endorsed offensive cyber measures, and no documented cases of such operations exist.
The EU's broader goal is to reduce dependence on non-European technology. By fostering a homegrown tech and cybersecurity sector, the bloc aims to secure critical industries. This move aligns with efforts to identify high-risk areas where data control is vital for minimising external vulnerabilities.
The EU's cybersecurity strategy is evolving, with defensive and offensive capabilities now under discussion. While countries like Germany and Latvia explore legislative and operational options, no official policies or confirmed operations have been announced. The push for a self-reliant tech sector remains central to the bloc's long-term cybersecurity plans.
