European Commission: First EU-wide certification system for cyber security

Thierry Breton, EU Internal Market Commissioner, said: “In a highly dynamic cybersecurity threat environment, we are making progress to increase our collective resilience. Today we are unveiling a new framework to ensure that the products we use in some of the most sensitive environments, such as routers and ID cards, are cyber-secure. We want our citizens, businesses and the public sector to be able to trust the products they rely on to secure their networks and deliver sensitive public services.”

The voluntary scheme will complement the EU Cyber Resilience Act, which introduces mandatory cybersecurity requirements for all hardware and software products in the EU.

This important step will help strengthen Europe’s global digital leadership. In addition, the scheme will also promote the implementation of the NIS2 Directive, which regulates the cyber and information security of companies and institutions.

Further steps

The scheme will be published shortly in the Official Journal of the EU and will enter into force 20 days after publication. Together with the publication of the certification scheme in the Official Journal, the Commission will also publish the Union’s first rolling work program for European cybersecurity certification. This document sets out a strategic vision and reflection on possible areas for future European cybersecurity certification schemes, taking into account recent legislative and market developments.

The adopted scheme is based on drafts prepared by the European Union Agency for Cybersecurity (ENISA) in close cooperation with industry experts and Member States, following technical and legal discussions and a public consultation.

– – – – –

Further links

👉 https://commission.europa.eu 
👉 Cyber Resilience Act
👉 NIS2 Directive
👉 Cybersecurity Certification Scheme

Photo: pixabay