May 22, 2022

Volume XII, Number 142

Advertisement
Advertisement

May 20, 2022

Subscribe to Latest Legal News and Analysis

May 19, 2022

Subscribe to Latest Legal News and Analysis
Advertisement

European Commission issues a new EU Cybersecurity Strategy

On 13 September 2017, the President of the European Commission, Jean Claude Juncker, announced during his State of the Union address the intention to propose new legislative measures that will boost the cybersecurity resilience within the EU. Following the President’s speech, the European Commission published the following initiatives:

Overall, these initiatives seek to remedy the current fragmentation of Member States’ policies and cybersecurity approaches by increasing the capabilities, preparedness and available resources for Member States and businesses.

The proposed Cybersecurity Act Regulation is divided into two pillars:

  • the first pillar focuses on the powers and organizational evaluation of the EU Agency for Network and Information Security (“ENISA”);

  • the second pillar proposes a framework of European Cybersecurity Certification Schemes (“ECCS”) for Information and Communications Technology (“ICT”) products and services.

The proposed Regulation expands ENISA’s mandate to an independent cybersecurity center, which would assist the EU Institutions, EU bodies and Member States in developing and implementing cybersecurity policies. Moreover, ENISA will have additional obligations related to, among other things, capacity building, operational cooperation, cybersecurity certification and international cooperation. The European Commission will be evaluating ENISA’s performance every five years following the entry into force of the draft Regulation.

The Framework establishing the ECCS has been proposed to ensure transparency of ICT products and services, which include connected devices (such as hardware, software and connected cars), and to create a voluntary pan-European certification scheme per industry sector (such as the transport, energy and health sector). ICT products and services should comply with specified requirements to ensure availability, authenticity, integrity and confidentiality of stored, transmitted or processed data. A European Cybersecurity Certification Body shall be created to assist the European Commission with this Framework and to monitor the ECCS’ functioning in cooperation with ENISA.

The two co-legislators, the European Parliament and Council, will now deliberate on these initiatives.

The Commission will present its proposal on Cybersecurity on Tuesday 19 September 2017.

© Copyright 2022 Squire Patton Boggs (US) LLPNational Law Review, Volume VII, Number 257
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Christina Economides Public Policy Attorney Squire Patton Boggs Brussels, Belgium
Public Policy Advisor

Christina Economides is an advisor in the firm’s Public Policy Practice in Brussels in coordination with the Public Policy International Group. She is also a member of the firm’s Healthcare Industry Group leadership team.

Christina advises clients on technology, digital economy, taxation, financial services, and health regulatory and policy matters. Prior to joining the firm, Christina worked for a Brussels-based EU public affairs consultancy, focused on financial services, ICT/data protection and competition matters, and was inter alia running the Secretariat of the...

322 627-11-05
Advertisement
Advertisement
Advertisement