The European Union through ENISA is developing EU cybersecurity certification which provides evidence of compliance to a given level of trust.
Certification
The mission of ENISA in the area of the EU cybersecurity certification framework is outlined as follows: 'to proactively contribute to the emerging EU framework for the ICT certification of products and services and to carry out the drawing up of candidate certification schemes in line with the Cybersecurity Act, and additional services and tasks'.
Through the Cybersecurity Act, ENISA has been singled out as the appropriate organisation to deliver on the promise of drawing up candidate certification schemes in an EU cybersecurity certification framework. ENISA, with its pivotal role as an agency that engages with public services as well as with industry and standardisation organisations, provides a sound reference point to develop candidate cybersecurity certification schemes.
This work can only be achieved with the participation and support of the ecosystem as shown by calls to participate in Ad-Hoc Working Groups or calls to comment on draft versions of candidate schemes.
EU Cybersecurity Certification is also showcased in a dedicated website. Nowadays it is short and simple with the goal to provide transparency and disseminate the concept of EU cybersecurity certification. In the long run, the website will showcase the harmonisation of cybersecurity Trust amongst EU countries through the display of the catalogue of EU Certified ICT solutions and their certificates as well as the published schemes and information about transition.