Jochen Michels, Director Public Affairs, Europe, Kaspersky
The European Commission’s proposal for a Digital Networks Act (DNA) aims to modernize Europe’s digital connectivity framework. For a global cybersecurity company like Kaspersky, the DNA represents a pivotal chance to shape a future‑oriented regulatory environment.
As a company serving customers across Europe and internationally, Kaspersky supports the Commission’s objectives to strengthen resilient, secure, and high‑capacity digital infrastructure and to establish robust, fast, and secure networks while reducing fragmentation within the EU Digital Single Market. The DNA presents an important opportunity to create a future‑oriented framework that encourages investment, innovation, operational resilience, and secure cross‑border connectivity. The success of the DNA will depend on maintaining a balanced, risk‑based, and technology‑neutral approach that strengthens cybersecurity without creating unnecessary regulatory complexity or barriers to international cooperation.
Cybersecurity should be a core principle
Cybersecurity and resilience should be embedded throughout the DNA as foundational principles rather than treated as standalone compliance obligations. Modern telecommunications and digital infrastructure underpin critical sectors, including healthcare, energy, finance, transportation, manufacturing, and public administration. Consequently, the DNA should promote secure‑by‑design approaches, operational resilience, and effective supply‑chain risk management across network ecosystems. At the same time, the framework must remain technology‑neutral and focused on measurable security outcomes rather than prescriptive technical mandates.
Avoid regulatory overlap
The EU has already introduced substantial cybersecurity legislation, such as NIS2, the Cyber Resilience Act, DORA, and the Cybersecurity Act. To avoid unnecessary complexity and duplicative compliance burdens, the DNA should align closely with these existing frameworks and provide a clear allocation of responsibilities among operators, service providers, and infrastructure vendors. Greater harmonization of reporting, certification, and supervisory expectations across Member States would improve implementation efficiency and strengthen operational resilience. Clear, transparent, and proportionate implementation approaches would further support legal certainty.
Preserve international interoperability
Cybersecurity is inherently global. Effective threat detection, incident response, and cyber defense rely on international cooperation, interoperable standards, and cross‑border information sharing. We encourage the Commission to ensure that the DNA remains aligned with internationally recognized standards and supports trusted collaboration between European and international stakeholders. A globally interoperable approach will strengthen Europe’s resilience while preserving innovation, investment attractiveness, and access to advanced cybersecurity capabilities.
***
In light of these considerations, Kaspersky believes that the European Commission should adopt a risk‑based and technology‑neutral approach to cybersecurity obligations, ensure alignment with existing EU cybersecurity legislation to minimize duplication, support internationally recognized standards and interoperable security frameworks, preserve open and competitive digital markets based on objective security assessments, and facilitate secure cross‑border cooperation. The Digital Networks Act has the potential to strengthen Europe’s digital resilience and support the development of secure, modern, and globally connected infrastructure. A balanced framework that promotes security, innovation, interoperability, and regulatory coherence will best support the EU’s long‑term digital and economic objectives.
