Why European Countries Need to Have European Cybersecurity Solutions

Mailspike By Mailspike • September 22, 2020

Why is the origin of an Email Security system important when choosing one to protect you?

Email security and cybersecurity, in general, is one of the most certain industries where European countries working with EU-based companies only, does not sound xenophobic at all – only practical. This stems mostly from the fact that the digital landscape has changed a lot, especially with the implementation of GDPR.

With that in mind, we wanted to focus on explaining why your EU-based company should work with a European cybersecurity company if they're going to be entirely secure and compliant with the new laws in place in the EU.

No Exact Protection of User Data Privacy

One of the main arguments for EU companies working solely with EU cybersecurity firms is the fact that GDPR now protects user data and its privacy. The US does not have the same laws at the moment. 

The latest California Consumer Privacy Act (CCPA), the first and so far the only valid data privacy law in the US, is a step in the right direction. However, it’s not entirely clear as to how it will work, and it’s certainly not the same as GDPR. Key points within the two regulations have significant differences, which is why it's crucial to work with an EU company to stay compliant with EU cybersecurity regulations. 

Companies from the US that work with EU citizens are required to adhere to GDPR rules, and if they don’t, they can get fines. This has caused many American companies to change the ways they operate in the EU to stay compliant. However, with the changes Europe is continuing to make, not all US companies are willing to sacrifice their business model only to remain compliant with EU regulations.

This is especially true with American based cybersecurity companies that work together with organizations across the globe. They don’t directly work with EU citizens, so they are not under the same scrutiny as major American companies of other industries. 

Take, for instance, WatchGuard Technologies. They are a US security company that recently acquired Panda Security, a Spanish cybersecurity firm. The merger is undoubtedly good for both companies and many of their customers, but that might not be the case for their customers who are worried about data privacy and looking to stay fully compliant with GDPR. The problem here lies in the fact that WatchGuard is a US company, which means that they fall under the jurisdiction of the federal government of the US. In essence, this means that the federal government can access WatchGuard's data, and by extension Panda Security's user data if they have the need for it. 

Key Takeaways

Panda Security is but one specific example, and many others exist, as do plenty of loopholes that make it impossible to guarantee a US company is fully dedicated to data privacy in the same way Europe is.

All of this makes it much more preferable and very practical for European companies to work with EU-based cybersecurity and email security firms to make sure their cybersecurity needs are met and that they are fully compliant with EU regulations. 

 

Author: Mailspike

The Anubis Labs team is tasked with the ongoing effort to discovery new threats, track and collect intelligence about malware and botnets and figure out the best approach to let our customers have a good insight on their threat landscape.