I fully support the proposal on the revised Cybersecurity Act aiming to simplify our overlapping and complex cybersecurity regulation and focusing on reducing dangerous dependencies on high-risk vendors – coming outside of Europe – in our critical infrastructure.‼️
👉 Cybersecurity today is about countering who can pressure a supplier, who can demand access, and who can threaten disruption. In sectors like telecoms, energy, transport, health and finance, that is not an acceptable risk we can take.
👉 The risk is obvious with China, their state power and big tech companies are interlinked. Huawei and TikTok are frankly dangerous, and China is helping Putin in Ukraine.
👉 Right now we are also seeing a risk coming from our long-time ally threatening a sovereign European country and we must be prepared to act if necessary. Let’s keep in mind that US tech companies can use their KILL SWITCH in Europe at any time.
👉 The rules for high-risk vendors in our most strategic sectors must be clear and enforceable. Not just guidance or best practice. Parliament must keep this proposal strong as the Council will try to weaken it, because some countries still want the cheapest option and avoid conflicts. That is exactly why the 5G Toolbox failed in the first place.
👉 If we mean what we say about a more resilient and security-focused Europe we must simply start choosing European when it comes to our critical infrastructure. ‼️ This includes cyber security vendors, cloud services and software solutions.
👉 Sovereignty, finding European alternatives and making sure of interoperability, can be more expensive and challenging in the short term but there will not be long term European security if we don’t start clearly defining and choosing European today.
Listen to Aura Salla’s speech at the plenary session on 20 January 2026.
