As a reminder, European Parliament and Council negotiators agreed on the European Cybersecurity Act on 10 December 2018.
While waiting for the European Parliament and Council to formally adopt the regulation, substantive preparations are taking place for the new cybersecurity certification framework.
The future cybersecurity certificates will be recognised throughout the EU, and the certification schemes will replace national cybersecurity certification requirements.
What’s your place in all this?
As you will see in Cullen International’s new infographic, industry stakeholders and EU member states can get involved at various stages in the planning and creation of EU certification schemes. However, the process is driven by the European Commission and implemented by the EU Cybersecurity Agency (ENISA).
But what’s covered by the framework?
The framework is for the creation of EU cybersecurity certification schemes for specific ICT products, services and processes, but our infographic takes you all the way from the general work programme to when certificates are issued under a scheme.
Manufacturers and service providers can decide whether or not to get certified (or make a self-assessment in certain cases), unless certification is required by national or EU laws.
Our certification framework infographic makes the path to certification simple.
To get a free download of Cullen International’s infographic, please just "Request Access" below.
If you are interested in more cybersecurity regulatory analysis, please contact us.
We will update the infographic if there are any changes to the Cybersecurity Act before it is formally adopted (expected spring 2019).
more news
25 April 24
[Cullen Explainer] Capital and purchased goods amount to most scope 3 emissions of telecoms operators
Our latest Explainer looks into scope 3 emissions, focusing on the reporting practices of telecoms operators.
22 April 24
Who has not transposed the European Electronic Communications Code yet?
Cullen International’s benchmark analyses the status of transposition of the European Electronic Communications Code (EECC) across the EU 27 plus UK and Norway.
18 April 24
Countries in the Americas are working towards the transparency and explainability of AI-based decisions
The latest update of Cullen International’s benchmark on AI reveals whether governments in the Americas published or proposed specific strategies to foster the adoption of AI-based services.