ECSO and CEN-CENELEC sign Memorandum of Understanding

14 November 2018, Brussels, Belgium
Today Mr Luigi Rebuffi, Secretary General of European Cyber Security Organisation (ECSO) and Mrs Elena Santiago Cid, Director General of CEN and CENELEC co-signed the Memorandum of Understanding for future cooperation.

The aim is to ensure standardisation from formally recognised European and international organisations as a basis for certification schemes in the field of cyber security.

In September 2017, the European Commission adopted a Cybersecurity Package which builds upon existing instruments and presents new initiatives to further improve EU cyber resilience, deterrence and response. Within the Package, the Commission has put forward a legislative proposal which foresees a permanent mandate for the European Union Agency for Network and Information Security (ENISA), as well as the creation of the EU certification framework for ICT security products – ‘the cybersecurity act’.


To ensure an effective European approach to cyber security certification based on standards from formally recognised European and international organisations, CEN-CENELEC has already established a strong cooperation with ENISA, which is now complemented by ECSO, the European Commission’s contractual counterpart for the implementation of the contractual Public-Private Partnership (cPPP) on cyber security.


Today’s Memorandum of Understanding represents the basis for a series of relevant actions: foster information sharing; enable a common understanding on standardisation initiatives; develop a better understanding of industry needs; establish recommendations on certification schemes based on  standards; and coordinate policy input on the Cybersecurity Package, as well as strategic priorities for the European Commissions’ research and innovation agenda.


In its role as the European organisation working on cyber security, ECSO aims to foster cooperation between public and private actors and reach the goals set out by the cPPP in the field of Research and Innovation, allowing citizens and businesses to access innovative and trustworthy European solutions. It also aims to stimulate and support the development of industrial measures geared towards increasing the competitiveness of the cyber security industry and harmonising the cyber security market in Europe.


ECSO Secretary General Luigi Rebuffi highlighted that “ECSO is developing with its members the European cyber security ecosystem, in which research and innovation (R&I) are important building blocks for the European growth. However, innovation should be built upon standards which ensure the promotion of the best practices, interoperability and cyber security requirements in a coherent and consistent way, relevant to the interdependence across the value chain in the ICT industry. Standards could also serve as a key instrument to support and ease the certification. In the very dynamic cyber security market, standardisation is challenging but fundamental to ensure reliable and trusted solutions, as well as the growth of a competitive European industry. For these reasons, close cooperation between ECSO and CEN-CENELEC is very important.”


CEN-CENELEC Director General Elena Santiago Cid added: “CEN and CENELEC are active in responding to European industry needs through European and international standardisation supported by the CEN-CENELEC/JTC 13 “Cybersecurity and Data Protection”. Our work will from now on be enhanced by the collaboration with ECSO. Together, we will build a trustworthy cyber ecosystem for the benefit of all.”

Download the press release.

About European Cyber Security Organisation (ECSO)

The European Cyber Security Organisation (ECSO) established in June 2016, is the contractual counterparty to the European Commission in implementing the contractual Public-Private Partnership (cPPP) on cyber security. ECSO unites a great variety of European cyber security stakeholders, including large companies, SMEs and start-ups, research centres, universities, end-users, operators, clusters and associations, as well as the local, regional and national administrations across the European Union (EU) Member States, the European Free Trade Association (EFTA) and H2020 Programme associated countries. The main goal is to develop European cyber security ecosystem, support the protection of European Digital Single Market and, ultimately, to contribute to the advancement of European digital autonomy. ECSO website:

Media contact: Milda Kaklauskaite, Communications Manager, 


CEN (European Committee for Standardization) and CENELEC (European Committee for Electrotechnical Standardization) are recognized by the European Union (EU) and the European Free Trade Association (EFTA) as European Standardization Organizations responsible for developing standards at European level. These standards set out specifications and procedures in relation to a wide range of materials, processes, products and services. The members of CEN and CENELEC are the National Standardization Bodies and National Electrotechnical Committees of 34 European countries. European Standards (ENs) and other standardization deliverables adopted by CEN and CENELEC, are accepted and recognized in all of these countries. European Standards (ENs) contribute to enhancing safety, improving quality, facilitating cross-border trade and strengthening the European Single Market. They are developed through a process of collaboration among experts nominated by business and industry, research institutes, consumer and environmental organizations, trade unions and other stakeholders. CEN and CENELEC work to promote the international alignment of standards in the framework of technical cooperation agreements with ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission). CEN website:, CEN-CENELEC website:

Media contact: Sarah Penny, Director Strategy & Governance,