Read about the Challenges ahead for the roll-out of the Cybersecurity Act

ECSO is proud to release “Challenges ahead for the roll-out of the Cybersecurity Act” document which originates from the answers provided by ECSO members to an internal survey meant to shed light on several issues related to the implementation of the Cyber Security Act, the forthcoming European certification schemes, their priorities and their implementation.
The objective of this document is to highlight and understand the main challenges that could hinder the usage of future European cybersecurity certification schemes across industries and identify necessary steps and aspects to be considered and investigated by our Working Group in its 2021 work programme
 
“Highlighting the views of the Cyber Security community,  ECSO proposes in this document an interesting indicator of the perceived impacts of the cybersecurity act and as well explorable paths towards an unfractured and competitive EU CS landscape  “ – said Mario Jardim, Co-Chair of the Working Group on Standardisation, Certification, Supply Chain Management
 
“This document elaborated through a diverse and collaborative team gives an overview on the key challenges the cyber community (including all stakeholders) has to face in the coming months to ensure a consistent and efficient implementation of the Cyber Security Act. Consistency shall be addressed across the certification schemes ant across industries, complementing and not overlapping or contradicting the existing regulatory framework. As nothing can be done one day and the implementation of the Cyber Security Act will be a long journey priorities of work are proposed to tackle the emergent and critical business needs.” – added Philippe Jeanmart, Co-Chair of the Working Group on Standardisation, Certification, Supply Chain Management.
 

*This document highlights the challenges posed by the cybersecurity actors represented by ECSO members and reflects the perception of the market of the CSA and its future certification systems" - stated Boutheina Chetali Chair of Connected Components sub-Working Group.

Given the voluntary character of CSAs and derived regimes, the implementation of responses to these challenges will bring coherence,  foster market acceptance and trustworthiness  in the certified products.

This document identifies important pillars to help understand the interaction among the different certification schemes and sector needs. A separate discussion addressing the consistencies and harmonisation between the Cyber Security Act, Directives and Regulations is also envisaged by the Working Group in future documents in collaboration with the ECSO Legal and Regulatory Task Force.