The Council's Horizontal Working Party on Cyber Issues is scheduled to meet on 16 July 2026 at 10:00 in Brussels to discuss a classified cyber threat landscape, a UN norms implementation checklist, and a strategic note, according to a notice of meeting and provisional agenda published by the Council.

The meeting, to be held in the Justus Lipsius building with a 1+1 delegate format, will open with the adoption of the agenda. The first substantive item is a presentation by the EU Intelligence and Situation Centre (INTCEN) on the cyber threat landscape, classified as EU-SECRET/SECRET-UE. Only delegates with a valid Personnel Security Clearance at least at SECRET UE/EU SECRET level and a demonstrated need-to-know may attend this session. Delegates must register by 16:00 on 14 July 2026, providing full surname, given name, nationality, date of birth, and organisation, and ensure their security clearance certificates are on record with the General Secretariat of the Council's Safety and Security Directorate. All electronic devices must be left in lockers outside the meeting room during the classified discussion.

The second agenda item is a presentation by the European External Action Service (EEAS) on a norms implementation checklist related to the UN Global Mechanism, followed by discussion. The third item is a presentation by the EEAS on a strategic note, classified as RESTREINT EU/EU RESTRICTED, also followed by discussion. The meeting will conclude with any other business.

The working party's discussions feed into the Council's broader efforts to strengthen EU cyber resilience and international cooperation. The UN norms implementation checklist aligns with the EU's commitment to promoting responsible state behaviour in cyberspace, while the strategic note is expected to outline policy orientations for future EU cyber initiatives. No decisions are expected at this meeting; the agenda is focused on information-sharing and preparatory debate.

Stakeholders impacted include EU member states' cyber authorities, which will need to align national policies with emerging EU positions; the EEAS and INTCEN, which provide analytical and diplomatic input; and the broader cybersecurity industry, which may be affected by future regulatory or strategic directions discussed. The meeting's classified nature limits public transparency but underscores the sensitivity of the threat assessments under review.

Institutional follow-up will likely involve the working party reporting to the Permanent Representatives Committee (Coreper) and the Council, potentially leading to conclusions or decisions at a future Foreign Affairs Council or Justice and Home Affairs Council meeting.

← Atlas › News › Digital & Communication