Newly formed group to work on EU's cybersecurity certification framework

The group consists of representatives from an array of organisations such as academic institutions, consumer organisations, conformity assessment bodies, etc

Photo: ENISA ENISA's Executive Director Juhan Lepassaar

The Commission and the European Agency for Cybersecurity (ENISA) announced on 26 June the creation of the Stakeholders Cybersecurity Certification Group (SCCG), which will advise them on strategic issues regarding cybersecurity certification, while at the same time it will assist the Commission in the preparation of the Union rolling work programme.

Furthermore, its aim, as foreseen by the EU Cybersecurity Act that was adopted a year ago, is to create market driven certification schemes and help reduce fragmentation between various existing schemes in the EU Member States. The first meeting of the Group is taking place today.

Internal Market Commissioner Thierry Breton said: “Not only will certification play a crucial role in increasing trust and security in ICT products, but it will also provide European companies with the necessary tools to demonstrate that their products and services have state of the art cybersecurity features. This will in turn allow them to better compete in the global market. The Stakeholder Cybersecurity Certification Group will help by bringing about the needed expertise and advice for the creation of a tailored and risk-based EU certification system.”

“Cybersecurity certification aims to promote trust in ICT products, processes and services while at the same time tackling the fragmentation of the internal market, thus reducing the costs for those operating in the Digital Single Market," ENISA Executive Director Juhan Lepassaar added.

The group consists of representatives from an array of organisations that include academic institutions, consumer organisations, conformity assessment bodies, standard developing organisations, companies, trade associations and many others. The EU is working in building the necessary cybersecurity capabilities to prevent and counter the ever-changing cyber threats and attacks.

Similar articles