The European Union (EU) is fast emerging as a central cybersecurity actor in international relations. The last few years have witnessed the development of a raft of legislation, communications and strategic documents that deal directly with this field. Much of this activism comes in response to Russia’s cyberspace activities. That means that not only the EU is often placed in a reactive position, but also member states are often divided on how to engage with Moscow. As will be argued in this commentary, when it comes to cyberspace, Russia needs to be approached from three (albeit inter-related) distinct angles: as a cyber-crime hub, as a regional neighbor and as an emerging power, each of which demands a set of different answers, that range from deterrence to selective engagement. Only a multifaceted approach that includes, but goes beyond the EU’s understanding of cybersecurity, can offer the possibility of an effective engagement with Moscow.
In terms of structure, this commentary will start by offering an overview of the EU’s activities in cyberspace, followed by an assessment of how Russia fits into the EU’s overall approach to cybersecurity and cyber diplomacy. The final part of the commentary explores the different ways in which the EU can deal with Russia when it comes to cyberspace.