Article 95
This article is inactive.
This article has been deemed outside of scope for the debate and exists only for reference.
Information sharing on cyber threats
1. Union space operators may, on a voluntary basis, exchange among themselves relevant information in the area of cybersecurity, including relevant information on cyber-attacks, cyber threats, electronic interferences such as jamming, spoofing, information on indicators of compromise, adversarial tactics, techniques and procedures, near misses, vulnerabilities, threat-actor-specific information, and share cybersecurity alerts and recommendations for the configuration of cybersecurity tools allowing detection of cyberattacks, to the extent that such information sharing:
(a) aims at preventing, detecting, responding to, or recovering from incidents, or mitigating the impact thereof;
(b) enhances the level of cybersecurity and the overall resilience of Union space operators, in particular by raising awareness on cyber threats, by limiting or impeding the ability of such threats to spread, by supporting the development of defensive capabilities and common knowledge regarding vulnerability remediation, threat detection, containment and prevention techniques, mitigation strategies, response and recovery stages, or by promoting collaborative cyber threat research between public and private entities;
(c) takes places within trusted communities of Union space operators;
(d) is implemented through arrangements that protect the potentially sensitive nature of the information shared and are governed by rules of conduct, in full respect of business confidentiality, of the rules on the protection of personal data, in accordance with Regulation (EU) 2016/679, and the guidelines on competition policy.
2. The arrangements referred to in paragraph 1, point (d), shall:
(a) specify the conditions to enter, and the rules to participate in, information-sharing arrangements, as well as the type of information to be shared;
(b) specify the operational aspects, such as use of dedicated ICT platforms and automation tools;
(c) set out the details governing the involvement of public authorities in the information-sharing arrangements and the capacity in which those authorities may participate in such arrangements.
3. Union space operators shall notify competent authorities of their participation in the cybersecurity information-sharing arrangements referred to in paragraph 1, upon entry into, and exit from, such arrangements.
4. The Commission, shall, with the assistance of the Agency, facilitate the establishment of cybersecurity information-sharing arrangements referred to in paragraph 1, point (d), by supporting or promoting the activities of EU Space Information Sharing and Analysis Centre.
Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/article.php:8) in /var/www/html/script/loginauth.php on line 163