Increasing coordination on Standardisation for cybersecurity
Today Mr Luigi Rebuffi, Secretary General of European Cyber Security Organisation (ECSO) and Mrs Elena Santiago Cid, Director General of CEN and CENELEC co-signed the Memorandum of Understanding for future cooperation.
The aim is to ensure standardisation from formally recognised European and international organisations as a basis for certification schemes in the field of cyber security.
In September 2017, the European Commission adopted a Cybersecurity Package which builds upon existing instruments and presents new initiatives to further improve EU cyber resilience, deterrence and response. Within the Package, the Commission has put forward a legislative proposal which foresees a permanent mandate for the European Union Agency for Network and Information Security (ENISA), as well as the creation of the EU certification framework for ICT security products – ‘the cybersecurity act’.
To ensure an effective European approach to cyber security certification based on standards from formally recognised European and international organisations, CEN-CENELEC has already established a strong cooperation with ENISA, which is now complemented by ECSO, the European Commission’s contractual counterpart for the implementation of the contractual Public-Private Partnership (cPPP) on cyber security
Today’s Memorandum of Understanding represents the basis for a series of relevant actions: foster information sharing; enable a common understanding on standardisation initiatives; develop a better understanding of industry needs; establish recommendations on certification schemes based on standards; and coordinate policy input on the Cybersecurity Package, as well as strategic priorities for the European Commissions’ research and innovation agenda.
In its role as the European organisation working on cyber security, ECSO aims to foster cooperation between public and private actors and reach the goals set out by the cPPP in the field of Research and Innovation, allowing citizens and businesses to access innovative and trustworthy European solutions. It also aims to stimulate and support the development of industrial measures geared towards increasing the competitiveness of the cyber security industry and harmonising the cyber security market in Europe.
ECSO Secretary General Luigi Rebuffi highlighted that “ECSO is developing with its members the European cyber security ecosystem, in which research and innovation (R&I) are important building blocks for the European growth. However, innovation should be built upon standards which ensure the promotion of the best practices, interoperability and cyber security requirements in a coherent and consistent way, relevant to the interdependence across the value chain in the ICT industry. Standards could also serve as a key instrument to support and ease the certification. In the very dynamic cyber security market, standardisation is challenging but fundamental to ensure reliable and trusted solutions, as well as the growth of a competitive European industry. For these reasons, close cooperation between ECSO and CEN-CENELEC is very important.”
CEN-CENELEC Director General Elena Santiago Cid added: “CEN and CENELEC are active in responding to European industry needs through European and international standardisation supported by the CEN-CENELEC/JTC 13 “Cybersecurity and Data Protection”. Our work will from now on be enhanced by the collaboration with ECSO. Together, we will build a trustworthy cyber ecosystem for the benefit of all.”