- The EU wants to streamline its cybersecurity certification process
- Voluntary certification demonstrates compliance across products, services and more
- Changes to the NIS2 directive are also to facilitate compliance for 28,700 European companies
The European Commission has set out plans to overhaul its Cybersecurity Act, which it says comes in response to an increase in attacks on critical services and democratic institutions.
The proposed changes set out a “cyber-secure by design” approach that speeds up and simplifies the certification process to help reduce reliance on suppliers deemed to have national security concerns.
Lawmakers are concerned about increasing activity by state-backed groups as geopolitical tensions continue globally.
The European proposal targets critical cybersecurity for services
“Recent cyber security incidents have highlighted the major risks posed by vulnerabilities in ICT supply chains, which are critical to the operation of critical services and infrastructure,” the Commission wrote in an update.
The proposal enables mandatory de-risking of telecommunications networks from high-risk vendors, building on the existing 5G security toolbox that has been unevenly adopted across the bloc.
The European Agency for Cyber Security (ENISA) certifications will be voluntary, but serve as a way to prove compliance with European legislation. “In the end, it renewed [European Cybersecurity Certification Framework (ECCF)] will be a competitive asset for EU companies,” the announcement reads.
Certification will cover products, services, processes, managed security services and organizational cyber posture.
Politicians also want to simplify the NIS2 directive to ease compliance for an estimated 28,700 companies.
Changes to the Cybersecurity Act and the NIS2 Directive are subject to approval, after which bloc members have one year to implement the changes.
Technical sovereignty, security and democracy EVP Henna Virkkunen described cyber security threats as “strategic risks to our democracy, economy and way of life.”
“With the new cyber security package, we will have the means in place to better protect our critical ICT supply chains, but also to combat cyber attacks decisively.”
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
