The European Commission has adopted the EU Cybersecurity Certification Scheme (EUCC), based on the Common Criteria, as the first certification scheme under the EU Cybersecurity Act. This scheme, drafted by ENISA (the EU’s cybersecurity agency) with expert input from industry and national cybersecurity authorities, aims to enhance the cybersecurity of ICT products, services, and processes across the EU by setting common standards and procedures. The EUCC is voluntary and allows ICT suppliers to certify their products, showcasing their security assurance.
The EUCC builds upon the existing SOG-IS Common Criteria framework used in 17 EU countries and provides two levels of assurance based on risk. It is intended to replace national certification schemes and help European businesses compete on national, EU, and global levels. The scheme is expected to encourage suppliers to comply with certification requirements, improving cybersecurity standards.
ENISA developed the scheme in consultation with experts and transmitted it to the European Commission, which adopted it through the comitology process. A transition period allows for the continued use of existing certifications, and vendors can convert their current certifications to EUCC. ENISA will oversee the publication of EUCC certificates and provide supporting materials to help with the scheme’s implementation.
