ECSO releases its input on European Cyber Security Certification
Read about the Challenges ahead for the roll-out of the Cybersecurity Act
ECSO is proud to release “Challenges ahead for the roll-out of the Cybersecurity Act” document which originates from the
answers provided by ECSO members to an internal survey meant to shed light
on several issues related to the implementation of the Cyber Security Act,
the forthcoming European certification schemes, their priorities and their
implementation.
The objective of this document is to highlight and understand the main
challenges that could hinder the usage of future European cybersecurity
certification schemes across industries and identify necessary steps and
aspects to be considered and investigated by our Working Group in its 2021 work programme
“Highlighting the views of the Cyber Security community, ECSO proposes in
this document an interesting indicator of the perceived impacts of the
cybersecurity act and as well explorable paths towards an unfractured and
competitive EU CS landscape “ – said Mario Jardim, Co-Chair of the
Working Group on Standardisation, Certification, Supply Chain Management
“This document elaborated through a diverse and collaborative team gives an
overview on the key challenges the cyber community (including all stakeholders)
has to face in the coming months to ensure a consistent and efficient
implementation of the Cyber Security Act. Consistency shall be addressed
across the certification schemes ant across industries, complementing and not
overlapping or contradicting the existing regulatory framework. As nothing
can be done one day and the implementation of the Cyber Security Act
will be a long journey priorities of work are proposed to tackle the
emergent and critical business needs.” – added Philippe Jeanmart, Co-Chair of the
Working Group on Standardisation, Certification, Supply Chain Management.
*This document highlights the challenges posed by the cybersecurity actors represented by ECSO members and reflects the perception of the market of the CSA and its future certification systems" - stated Boutheina Chetali Chair of Connected Components sub-Working Group.
Given the voluntary character of CSAs
and derived regimes, the implementation of responses to these challenges will
bring coherence, foster market
acceptance and trustworthiness in the
certified products.
This document identifies important pillars to help understand the interaction
among the different certification schemes and sector needs. A separate
discussion addressing the consistencies and harmonisation between the Cyber
Security Act, Directives and Regulations is also envisaged by the Working
Group in future documents in collaboration with the ECSO Legal and Regulatory
Task Force.