Standardization conference explores EU cybersecurity legislation
Sophia Antipolis, 16 March 2022
On 15 March, the European Standards Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 6th annual conference. The virtual conference focused on ‘European Standardization in support of the EU cybersecurity legislation’ and attracted over 900 attendees from the EU and from around the world.
The event opened with the European Standards Organisations, ENISA and the European Commission giving an overview of the EU cybersecurity standardisation landscape.
Wolfgang Niedziella, CENELEC President, said: “It is without doubt that European standardization plays a key role in cybersecurity: it helps strengthen Europe’s collective resilience against cyber-threats and ensure that all citizens and businesses can benefit from trustworthy and reliable products, services and processes. For this reason, CENELEC, together with CEN is committed to working together with ENISA and all relevant stakeholders to build a sustainable European cybersecurity standardization system that can support European interests and foster the uptake of cybersecurity solutions in the Single Market”.
Luis Jorge Romero, ETSI Director General said: “The digital world shapes the present and the future of individuals, businesses, and administrations. For ETSI, developing standards that enable a sustainable and securely connected society has been at the heart of our work for more than 30 years now. The EU legislation and policy initiatives on cybersecurity reinforce our commitment to deliver the supporting standards. This event is the opportunity to have, once again, the EC, ENISA, and the ESOs working hand in hand for the benefit of the European society.”
Juhan Lepassaar, Executive Director of the European Union Agency for Cybersecurity said: “In a world where digital tools and services have become our daily companions, standards help us make better decisions. They ensure safety, quality control and compatibility between products while simplifying the life of manufacturers. This is why ENISA is engaged to look at ways standards can also frame cybersecurity legislation to enhance consumers’ trust.”
The purpose of the conference was twofold. First of all, the event presented current developments in the area of cybersecurity standardization. It also fostered a dialogue among policy makers, industry, research, consumer associations, standardization and certification organizations, including all of those involved in the development of the ICT certification framework in Europe.
The conference was organized around four panels where ongoing standardization work and future requirements were discussed. Panellists expressed their views on how to support the revision of the NIS directive, the European Digital Identity (EUid) regulation for digital identity wallets, the AI Act and the data protection legislative framework.
The closing panel concluded on the need for closer collaboration between all stakeholders and outlined the strategic relevance of standards.
The European Union Agency for Cybersecurity seizes the opportunity of the standardization conference to issue two new reports on standardization in support of cybersecurity policy. The first is an overview of existing standards in relation to risk management describing methodologies and tools used to meet standards’ requirements. The second report focuses on 5G cybersecurity and analyzes standards contributing to the mitigation of technical and organizational risks in the 5G ecosystem. Both reports identify standardization gaps, and provide recommendations to enhance standards coverage in these areas, based on the needs of stakeholders.
ETSI provides members with an open and inclusive environment to support the development, ratification and testing of globally applicable standards for ICT systems and services across all sectors of industry and society. We are a non-profit body, with more than 950 member organizations worldwide, drawn from 64 countries and five continents. The members comprise a diversified pool of large and small private companies, research entities, academia, government, and public organizations. ETSI is officially recognized by the EU as a European Standards Organization (ESO). For more information, please visit us at https://www.etsi.org/
Tel.: +33 (0)6 87 60 84 40
About CEN and CENELEC
CEN (European Committee for Standardization) and CENELEC (European Committee for Electrotechnical Standardization) are recognized by the European Union (EU) and the European Free Trade Association (EFTA) as European Standardization Organizations responsible for developing standards at European level. These standards set out specifications and procedures in relation to a wide range of materials, processes, products and services. The members of CEN and CENELEC are the National Standardization Bodies and National Electrotechnical Committees of 34 European countries. European Standards (ENs) and other standardization deliverables adopted by CEN and CENELEC, are accepted and recognized in all of these countries. CEN-CENELEC website: www.cencenelec.eu
Tel.: +32 474 98 21 17
The European Union Agency for Cybersecurity, ENISA, is dedicated to achieving a high common level of cybersecurity across Europe. ENISA contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. The Cybersecurity Act gives mandate to the European Union Agency for Cybersecurity to monitor developments in the area of standardisation. The work of the Agency builds on the on-going standardisation work of the European Standardisation Organisations: CEN, CENELEC, ETSI, as well as the Cybersecurity Coordination Group (CSCG).
Tel.: +30 695 661 0743