Featured Product

    EC Statement on Cybersecurity Act and Certification Rules in EU

    June 26, 2019

    The European Cybersecurity Act is entering into force on June 27, 2019, thus setting the new mandate of ENISA, which is the EU Agency for Cybersecurity, and establishing the European cybersecurity certification framework. The European cybersecurity certification framework, the first of its kind, establishes the governance and rules for EU-wide certification of information communications technology (ICT) products, processes, and services.

    The EU Cybersecurity Act gives ENISA, the EU Agency for Cybersecurity, more tasks and resources to assist EU member states in dealing with cyber-attacks. ENISA will improve the cybersecurity preparedness and resilience in EU, contributing to better information-sharing between EU member states through the network of Computer Security Incident Response Teams (CSIRTs) and by organizing regular pan-European cybersecurity exercises. 

    Additionally, the Cybersecurity Act introduces for the first time EU-wide rules for cybersecurity certification. Companies in EU will benefit from having to certify their products, processes, and services only once and see their certificates recognized across EU. Under the framework, multiple schemes will be created for different categories of ICT products, processes, and services. Each scheme will specify, among  others, the type or categories of ICT products, services and processes covered, the purpose, the security standards that shall be met, and the evaluation methods.  The schemes will also indicate the period of validity for the certificates issued. ENISA, on request from EC or the European Cybersecurity Certification Group (composed by member states), will prepare the certification schemes that will then be adopted by EC through implementing acts. 

    Regarding the certification framework, EC will prepare the first requests for ENISA to develop certification schemes and set-up the governance structure with the establishment of the relevant expert groups:

    • The European Cybersecurity Certification Group, comprising representatives from member states that will have to appoint the representatives from their competent authorities 
    • The Stakeholder Cybersecurity Certification Group, which will be responsible to advise ENISA and EC

     

    Related Links

    Keywords: Europe, EU, Banking, Insurance, Securities, Cybersecurity Act, ENISA, Cyber Risk, Cybersecurity Certification, Cyber Resilience, EC

    Related Articles
    News

    HKMA Urges Early Action for Adherence to IBOR Fallbacks Protocol

    HKMA urged authorized institutions to take early action to adhere to the IBOR Fallbacks Protocol, which ISDA is expected to publish soon.

    October 16, 2020 WebPage Regulatory News
    News

    FSB Sets Out Roadmap for Transition to Alternative Reference Rates

    FSB published a global transition roadmap for London Inter-bank Offered Rate (LIBOR).

    October 16, 2020 WebPage Regulatory News
    News

    HM Treasury Publishes Response to Proposal on BRRD2 Transposition

    HM Treasury published a document that summarizes the responses received from a consultation on the approach of UK to transposition of the revised Bank Resolution and Recovery Directive (BRRD2).

    October 15, 2020 WebPage Regulatory News
    News

    HM Treasury Publishes Response to Proposal on CRD5 Transposition

    HM Treasury published the government response to the feedback received on the consultation for updating the prudential regime of UK before the end of the Brexit transition period.

    October 15, 2020 WebPage Regulatory News
    News

    PRA Updates Supervisory Statement on Counterparty Credit Risk

    PRA published the final policy statement PS22/20, which contains the updated supervisory statement SS12/13 on counterparty credit risk.

    October 14, 2020 WebPage Regulatory News
    News

    FSB Publishes Update on Work to Address Market Fragmentation

    FSB published an update on its work to address market fragmentation. FSB is working in this area in collaboration with the other standard-setting bodies.

    October 14, 2020 WebPage Regulatory News
    News

    EBA Proposes to Revise Guidelines on Incident Reporting Under PSD2

    EBA proposed revisions to the guidelines on major incident reporting under the second Payment Service Directive (PSD2).

    October 14, 2020 WebPage Regulatory News
    News

    EBA Finalizes Standards for Prudential Treatment of Software Assets

    EBA published the final draft regulatory technical standards specifying the methodology for prudential treatment of software assets by banks.

    October 14, 2020 WebPage Regulatory News
    News

    FSB Publishes Roadmap on Cross-Border Payments, Report on Stablecoins

    FSB published a report presenting the roadmap to enhance cross-border payments by providing a high-level plan that sets ambitious but achievable goals and milestones in the five focus areas.

    October 13, 2020 WebPage Regulatory News
    News

    EIOPA Urges Insurers to Prepare for End of Brexit Transition

    In a recent communication, EIOPA urged the insurance sector to complete its preparations for the end of the Brexit transition period on December 31, 2020.

    October 13, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5959