New EU cybersecurity certification rules in force

Mariya Gabriel – Photo EC

(BRUSSELS) – The EU’s Cybersecurity Act, agreed by EU negotiators in December 2018, enters into force on 27 June, providing Europe with a framework of cybersecurity certification of products, processes and services.

The new rules equip Europe with a framework of cybersecurity certification of products, processes and services and reinforce the mandate of the EU Agency for Cybersecurity.

The Commission says the European cybersecurity certification framework will boost the cybersecurity of online services and consumer devices by enabling the creation of tailored and risk-based EU certification schemes.

At the same time the new permanent mandate of the EU Agency for Cybersecurity includes increased responsibilities and resources to better support Member States with tackling cybersecurity threats and attacks.

“Europe’s Digital Single Market can only be a reality if it includes robust cybersecurity commitments,” said EC vice-president for the Digital Single Market Andrus Ansip: “This Commission has pushed forward in making sure Europe has the necessary capabilities, including by proposing a European certification framework and having financing for cybersecurity research and development under the next long-term EU budget. Work on 5G security is a particular priority, as it has the potential to impact every aspect of our future.”

Commissioner for Digital Economy and Society, Mariya Gabriel, added: “The EU Cybersecurity Act has demonstrated the need for an EU approach to respond to all challenges, protect our citizens and stay competitive. In order to achieve this goal, Europe has granted a permanent mandate to the EU Agency for Cybersecurity.

“The Cybersecurity Act also enables EU-wide cybersecurity certification. With the Cybersecurity Act, the Directive on Security of Networks and Information Systems and the proposed European Cybersecurity Competence Centre, we have put forward a strong EU pattern, based on our democratic values and safeguarding our citizens’ interests.”

In addition to the Cyber Act, the Commission proposed, in September 2018, to create a European Cybersecurity Competence Network and Centre to better target and coordinate available funding for cybersecurity cooperation, research and innovation.

In May 2019, the Council also established a sanctions regime, which allows the EU to impose targeted restrictive measures to deter and respond to cyberattacks which constitute an external threat to the EU and its Member States.

EU Cybersecurity - background guide

European Cybersecurity Act

Commission factsheet

Leave A Reply Cancel Reply

Exit mobile version