European Cybersecurity and Resilience – What challenges to create a common framework?
On Tuesday 20th September, Dr. Joanna Swiatkowska – ECSO’s COO – participated to a panel discussion organised by Euractiv about “EU Cybersecurity and Resilience – What challenges to create a common framework?”. Other members of the panel were Lorena Boix Alonso – Director of DG CNECT.H, European Commission – Cláudio Teixeira from BEUC, Goran Gotev of BlackBerry, and Chante Maurio of UL Solutions.
The timely discussion was all about the Cyber Resilience Act (CRA) that was proposed by European Commission on the 15th September. The CRA is a horizontal legislation that will provide mandatory cybersecurity requirements for all digital products and ancillary services both for hardware and software. The requirements of the CRA include security by design and by default, whole life-cycle support, transparency on product security, and vulnerability handling at European level. The main challenges about the CRA focus on the interplay with sector-specific legislations, risk categorisation and conformity assessment. Given the scope of this regulation, the CRA is expected to revolutionise the EU digital market and significantly strengthen the security of supply chains across the Union.
As a key stakeholder, ECSO has been involved since the beginning in assessing how the CRA could overcome modern cybersecurity challenges and will continue to provide recommendations from the European cybersecurity community. ECSO’s contribution to the public consultations was very well received by the European Commission, showing full alignment of intents. ECSO believes that, where possible, existing EU Certification Schemes should be used to provide presumption of compliance for the CRA and that harmonisation with existing legislation (namely NIS2, GDPR, and DORA) should be strengthened. Furthermore, ECSO positively sees the CRA as a competitive advantage for European companies and as a tool to level-up cybersecurity requirements not only in the EU but across the World.
“Securing the supply chain is fundamental for our societal, economical, and political well-being. In this sense, the proposal of the CRA is very important and represents a big step forward for the EU. At ECSO, we welcome the CRA, and we believe that it will deliver added value to the EU and its cybersecurity market”. Dr. Joanna Swiatkowska.