The Regulation known as the “Cybersecurity Act” was signed into law in April 2019. The Regulation reforms the EU’s Cybersecurity Agency (ENISA), in particular by granting it a permanent mandate and greater resources. The Regulation also creates a Cybersecurity Certification Framework for ICT products and services.
The Parliament’s work was led by the Industry Committee (ITRE), but IMCO had shared competence on the subject of certification.
The new framework for Cybersecurity Certificates for ICT products, processes and services will be valid throughout the EU. This is especially important, given that the number of connected products is set to soar in the coming years, and the framework addresses the challenge of enhancing the security of these products. Thanks to the IMCO committee's work, there will be robust supervision and enforcement of the certification framework, including a system of peer-review for national certification bodies, and consumers will have access to proper information on the security profile of connected products.
Further information
Procedure file: Cybersecurity Act
Press release: Cybersecurity: MEPs back rules to help vital services resist online threats
EPRS Briefing on the Cybersecurity Act
Procedure file: Cybersecurity Act
Press release: Cybersecurity: MEPs back rules to help vital services resist online threats
EPRS Briefing on the Cybersecurity Act
Source : © European Union, 2019 - EP