ENISA issues today its report on the Challenges of security certification in emerging ICT environments. The report is targeted at EU Member States (MS), the Commission, certification bodies and the private sector, and provides a thorough description of the cyber security certification status concerning the most critical equipment in various critical business sectors.
The study contains information on the certification of devices in five business sectors namely, electricity, healthcare, information and communication technology, railway and water transport. It describes the situation in the EU, and discusses the advantages and challenges towards a more harmonised certification practice.
The key finding of the report, is that every sector has its own functional and security challenges, which makes the target of a common certification framework a challenge in itself. Based on desk research and expert validation, an analysis is done to study the existing frameworks and standards, and to identify certification drivers, best practices and candidate products for certification of the five selected sectors. Finally an aggregated table is provided, which shortly reflects the certification drivers, the market situation and the recommendation for certification for each identified device.
For the full report
For interviews and press inquiries please contact press@enisa.europa.eu , Tel. +30 2814 409576