Featured Product

    EC Statement on Cybersecurity Act and Certification Rules in EU

    June 26, 2019

    The European Cybersecurity Act is entering into force on June 27, 2019, thus setting the new mandate of ENISA, which is the EU Agency for Cybersecurity, and establishing the European cybersecurity certification framework. The European cybersecurity certification framework, the first of its kind, establishes the governance and rules for EU-wide certification of information communications technology (ICT) products, processes, and services.

    The EU Cybersecurity Act gives ENISA, the EU Agency for Cybersecurity, more tasks and resources to assist EU member states in dealing with cyber-attacks. ENISA will improve the cybersecurity preparedness and resilience in EU, contributing to better information-sharing between EU member states through the network of Computer Security Incident Response Teams (CSIRTs) and by organizing regular pan-European cybersecurity exercises. 

    Additionally, the Cybersecurity Act introduces for the first time EU-wide rules for cybersecurity certification. Companies in EU will benefit from having to certify their products, processes, and services only once and see their certificates recognized across EU. Under the framework, multiple schemes will be created for different categories of ICT products, processes, and services. Each scheme will specify, among  others, the type or categories of ICT products, services and processes covered, the purpose, the security standards that shall be met, and the evaluation methods.  The schemes will also indicate the period of validity for the certificates issued. ENISA, on request from EC or the European Cybersecurity Certification Group (composed by member states), will prepare the certification schemes that will then be adopted by EC through implementing acts. 

    Regarding the certification framework, EC will prepare the first requests for ENISA to develop certification schemes and set-up the governance structure with the establishment of the relevant expert groups:

    • The European Cybersecurity Certification Group, comprising representatives from member states that will have to appoint the representatives from their competent authorities 
    • The Stakeholder Cybersecurity Certification Group, which will be responsible to advise ENISA and EC

     

    Related Links

    Keywords: Europe, EU, Banking, Insurance, Securities, Cybersecurity Act, ENISA, Cyber Risk, Cybersecurity Certification, Cyber Resilience, EC

    Related Articles
    News

    HKMA Consults on Supervisory Policy for OTC Derivatives Transactions

    HKMA is consulting on revisions to the Supervisory Policy Manual module CR-G-14 on margin and other risk mitigation standards for non-centrally cleared over-the-counter (OTC) derivatives transactions.

    May 25, 2020 WebPage Regulatory News
    News

    PRA on Regulatory Capital and IFRS 9 Requirements for Payment Holidays

    PRA provided further information on the application of regulatory capital and IFRS 9 requirements to payment holidays granted or extended to address the challenges arising from COVID-19 outbreak.

    May 22, 2020 WebPage Regulatory News
    News

    HKMA on Fintech Adoption and Innovation by Banks in Hong Kong

    HKMA announced the publication of a report on fintech adoption and innovation in the banking industry in Hong Kong.

    May 20, 2020 WebPage Regulatory News
    News

    BIS on Impact of Increasing Use of Cloud Technology on Cyber Risk

    BIS published a working paper that examines the drivers of cyber risk, especially in context of the cloud services.

    May 20, 2020 WebPage Regulatory News
    News

    ECB Consults on Guide for Managing Climate and Environmental Risks

    ECB launched consultation on a guide specifying how the Banking Supervision expects banks to consider climate-related and environmental risks in their governance and risk management frameworks and when formulating and implementing their business strategy.

    May 20, 2020 WebPage Regulatory News
    News

    ECB Issues Opinion on Revisions to CRR in Response to COVID Crisis

    ECB published an opinion (CON/2020/16) on amendments to the prudential framework in EU in response to the COVID-19 pandemic.

    May 20, 2020 WebPage Regulatory News
    News

    EBA Assesses Interlinkages Between Recovery and Resolution Planning

    EBA published a report that examines the interlinkages between recovery and resolution planning under the Bank Recovery and Resolution Directive (BRRD).

    May 20, 2020 WebPage Regulatory News
    News

    SRB Publishes Final MREL Policy Under the Banking Package

    SRB published the final Minimum Requirements for Own Funds and Eligible Liabilities (MREL) policy under the Banking Package.

    May 20, 2020 WebPage Regulatory News
    News

    US Agencies Amend Interim Final Rule on Transition Period for CECL

    US Agencies (FDIC, FED, and OCC) published a final rule that makes technical changes to the March 31, 2020 interim final rule that provides a five-year transition period for the impact of the current expected credit loss (CECL) methodology on regulatory capital.

    May 19, 2020 WebPage Regulatory News
    News

    ECB Releases Results of March Survey on Credit Terms and Conditions

    ECB published results of the March 2020 survey on credit terms and conditions in euro-denominated securities financing and over-the-counter (OTC) derivatives markets.

    May 19, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5208