Nevers Call
The Nevers Call to Reinforce the EU’s Cybersecurity Capabilities was published on 9 March 2022 in Nevers, France, during an informal meeting of the European Union (EU) telecommunications ministers held under the French Presidency of the Council of the EU.
The initiative
This initiative came at a critical moment for Europe’s digital security landscape. The cyberattacks targeting Ukraine amid escalating geopolitical tensions underscored the vital role of cybersecurity in today’s conflicts and the potential spillover effects that such incidents could have on European networks and infrastructures.
The Nevers Call emphasised the urgent need for the EU to advance an ambitious and comprehensive cybersecurity plan, both to support partners and to reinforce its own digital resilience. Moreover, it highlighted that critical infrastructures, including telecommunications networks and digital services, are fundamental to Europe’s economy and society. Because of their central role, they have become prime targets for cyberattacks.
BEREC’s engagement in light of the Nevers Call
Against the backdrop of an increasingly volatile geopolitical environment, the telecommunications ministers expressed a shared determination to take immediate action to reinforce cybersecurity across the EU. The Nevers Call, therefore, set out eight concrete action points, designed to accelerate Europe’s progress towards better resilience and cybersecurity. Action point four outlined that, together with the European Union Agency for Cybersecurity (ENISA) and the Network and Information Security (NIS) Cooperation Group, the Body of European Regulators for Electronic Communications (BEREC) is invited to formulate recommendations, based on a risk assessment, to Member States and the European Commission (EC) to reinforce the resilience of communications networks and infrastructures.
As a follow-up to the Nevers Call, the EC and ENISA set up a multi-stakeholder process. BEREC is closely involved in this process by reviewing drafts and deliverables and providing input to relevant requests, covering topics ranging from mitigating smishing attacks to the cybersecurity aspects of customer premises equipment. Moreover, on 21 February 2024, the NIS Cooperation Group published the report Cybersecurity and resiliency of Europe’s communications infrastructures and networks as a follow-up to the Nevers Call. The report includes a number of strategic and technical recommendations for Member States, the EC, ENISA and BEREC to mitigate the risks identified in the assessment performed between April 2022 and December 2023 by the members of the NIS Cooperation Group, with support from the EC and ENISA and in consultation with BEREC. Following on from this, the NIS Cooperation Group, ENISA, the European Competent Authorities for Secure Electronic Communications (ECASEC) Expert Group and BEREC have drafted an Action Plan to implement the recommendations of the Nevers Call. BEREC will provide support in collecting data from market players where needed, provide expert opinions and comments, and supporting the sharing of best practices among the national regulatory authorities.
BEREC also supports the development of recommendations and possible other guidelines, participates in joint meetings and workshops, and attends conferences co-organised by these institutions. BEREC also takes into consideration other cybersecurity initiatives (e.g. the Warsaw call on cybersecurity challenges) and strives for the harmonised and innovation-friendly implementation of the cybersecurity legislation.