The Cybersecurity Act finally adopted
The cybersecurity act marks another step forward in this commitment to build an european digital single market. On June 7, the cybersecurity act regulation was published in the Official Journal of the European Union thus marking its final adoption. This regulation is crucial and marks European strategic autonomy.
Strengthening the role of the ENISA
Created in 2004, ENISA is the European agency responsible for network and information systems security. It informs and advises both public and private bodies, also facilitates their mutual cooperation. Indeed, cooperation between member states is more than necessary today with the increase in cyber attacks and their harmful social, economics and politics consequences.
The regulation gives it more means and resources to fight cyber attacks. It now has a permanent mandate, whereas its previous mandate was limited and was due to expire in 2020. It is a reference point for cybersecurity in the European Union.
A common certification framework
In addition, the Regulation establishes a European certification framework for products, processes and services by removing certifications at member state level. This certification is unprecedented and will make it possible to determine the level of safety of a product according to a reference system and a scheme. The Cybersecurity Act provides three levels of certification: elementary; substantial or high.
In this way, security elements will be integrated from the very beginning of the design phase. With the expansion of the Internet of Things within households and the 5G deployment, this certification will strengthen user confidence and provide a competitive advantage for companies.
The cybersecurity act enters into force on june 27, 2019.