The European Union through ENISA is developing EU cybersecurity certification which provides evidence of compliance to a given level of trust.
Certification
The mission of ENISA in the area of the EU cybersecurity certification framework is outlined as follows: 'to proactively contribute to the emerging EU framework for the ICT certification of products and services and to carry out the drawing up of candidate certification schemes in line with the Cybersecurity Act, and additional services and tasks'.
Through the Cybersecurity Act, ENISA has been singled out as the appropriate organisation to deliver on the promise of drawing up candidate certification schemes in an EU cybersecurity certification framework [Link to subtopic]. ENISA, with its pivotal role as an agency that engages with public services as well as with industry and standardisation organisations, provides a sound reference point to develop candidate cybersecurity certification schemes [Link to subtopic]. This work can only be achieved with the participation and support of the ecosystem as shown by calls to participate [Link to subtopic] in Ad-Hoc Working Groups or calls to comment on draft versions of candidate schemes.
Stakeholders can find all information relative to applicable EU Cybersecurity Certification schemes on a dedicated Website.
-
Methodology for Sectoral Cybersecurity AssessmentsThe methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of...
-
Public Consultation on the draft Candidate EUCC SchemeThis report presents the outcome of the public consultation on the first draft of the cybersecurity certification candidate EUCC scheme. The scheme...