ETSI advisor at the Stakeholder Cybersecurity Certification Group launched by the EC

Sophia Antipolis, 24 June 2020

ETSI is pleased to announce that it has been invited to be part of the newly formed Stakeholder Cybersecurity Certification Group. The kick-off meeting took place today. Together with the European Cybersecurity Certification Group (ECCG), composed of Member States’ representatives, the newly established Stakeholder Cybersecurity Certification Group (SCCG) will advise the Commission on strategic issues regarding the European cybersecurity certification framework. It will also assist the Commission in the preparation of the Union rolling work programme, which sets the priorities for the definition of schemes within the EU cybersecurity certification framework. ETSI will bring in its long-standing experience in cybersecurity, with standards developed both for enterprises and consumers within several of its technical bodies, including the Technical Committee CYBER.

The SCCG is composed of representatives from 50 organizations — eight invited directly by the Commission and 42 selected via an open call. The members of the SCCG represent a broad range of interests and include representatives of trade associations, companies, academic institutions, consumer organizations, conformity assessment bodies, standard developing organizations and, other membership organizations.

This week marks the first anniversary of the EU Cybersecurity Act, which provides ENISA (European Union Agency for Cybersecurity) with a permanent mandate, increased responsibilities and more resources. The EU cybersecurity certification framework, also established under the CSA, allows for the creation of market-driven EU certification schemes and helps reduce fragmentation between existing cyber certification schemes. It will deliver certification schemes recognized in all Member States, making it easier for businesses to trade across borders and for users to understand the security features of products or services.

The European Union is working to build the necessary cybersecurity culture and capabilities to resist and respond to the very real and ever-changing cyber threats and cyber-attacks.

ENISA is already working closely with industry stakeholders and SDOs such as ETSI to build candidate EU cybersecurity certification schemes in response to dedicated requests issued directly by the European Commission.

More information can be found on the EC website