As a reminder, European Parliament and Council negotiators agreed on the European Cybersecurity Act on 10 December 2018.
While waiting for the European Parliament and Council to formally adopt the regulation, substantive preparations are taking place for the new cybersecurity certification framework.
The future cybersecurity certificates will be recognised throughout the EU, and the certification schemes will replace national cybersecurity certification requirements.
What’s your place in all this?
As you will see in Cullen International’s new infographic, industry stakeholders and EU member states can get involved at various stages in the planning and creation of EU certification schemes. However, the process is driven by the European Commission and implemented by the EU Cybersecurity Agency (ENISA).
But what’s covered by the framework?
The framework is for the creation of EU cybersecurity certification schemes for specific ICT products, services and processes, but our infographic takes you all the way from the general work programme to when certificates are issued under a scheme.
Manufacturers and service providers can decide whether or not to get certified (or make a self-assessment in certain cases), unless certification is required by national or EU laws.
Our certification framework infographic makes the path to certification simple.
To get a free download of Cullen International’s infographic, please just "Request Access" below.
If you are interested in more cybersecurity regulatory analysis, please contact us.
We will update the infographic if there are any changes to the Cybersecurity Act before it is formally adopted (expected spring 2019).
more news
10 July 25
WhatsApp and other communication apps must allow legal interception in less than half of the EU countries
Our new pan-European benchmark examines national rules of lawful interception obligations for number-independent interpersonal communications service providers, such as WhatsApp.
09 July 25
Countries tighten IoT rules with new security, numbering and device measures
Our Quarterly Regulatory Update on IoT and M2M Services (Q2 2025) highlights how national regulators are shaping the future of IoT and M2M services in areas such as cross-border connectivity, device regulation, and security.
08 July 25
Copper decommissioning emerges as critical challenge in global transition to gigabit networks
Our latest Global Trends report examines how 15 major markets are approaching the transition from legacy copper infrastructure to future-proof gigabit networks.