Abstract
The emerging EU cybersecurity certification framework proposed by the European Commission by means of the Cybersecurity Act seeks to complement the efforts of the EU Member States in the area of certification of products and services. While EU Member States retain full operational capacity in the aftermath of this proposal, a European Cybersecurity Coordination Group undertakes the governance of the certification framework and ENISA assumes a role in the drawing up of certification schemes. The expectation that the EU certification framework build upon is that it will enhance the ability of the EU to compete in the global cyber-security arena and improve security conditions for consumers and businesses in the EU as a whole.
Similar content being viewed by others
Literature
ISO/IEC 15408-1:2009, Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model.
ENISA Report (2017) Considerations on ICT security certification in EU - Survey Report, Athens: ENISA. https://www.enisa.europa.eu/publications/certification_survey/at_download/fullReport
ENISA Report (2017) Overview of the ICT Certification Laboratories practices in Europe, Athens: ENISA. https://www.enisa.europa.eu/publications/overview-of-the-practices-of-ict-certification-laboratories-in-europe
Posner, R., (2003) Economic analysis of Law, New York: Aspen Publishers.
Author information
Authors and Affiliations
Corresponding author
Additional information
Dr. Andreas Mitrakas LL.M., M.Sc. is a Head of Unit „Data security & standardization“ at the European Union Agency for Network and Information Security (ENISA).
Rights and permissions
About this article
Cite this article
Mitrakas, A. The emerging EU framework on cybersecurity certification. Datenschutz Datensich 42, 411–414 (2018). https://doi.org/10.1007/s11623-018-0969-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11623-018-0969-2