News & Publications

On the adoption of the Cybersecurity Act

10 April 2019

Eurosmart welcomes an ambitious step forward in enhancing the European Digital autonomy while promoting the European values

Eurosmart – the voice of the Digital Security – welcomes the adoption of the Cybersecurity Act by the Council of the European Union on the 9th of April 2019. On this occasion Eurosmart warmly commends the courageous proposal from the European Commission (DG CONNECT) as well as the in-depth involvement of both co-legislators.

Eurosmart is convinced that the permanent mandate given to the EU Agency for Cybersecurity (ENISA) will be of benefit to the necessary increased EU-wide cooperation amongst the national cybersecurity agencies to identify, prevent and tackle cyber-attacks and threats.

Over the last 15 years ENISA has been demonstrating its relevance as a center of excellence in Cybersecurity by strengthening the cyber-resilience of the European continent.

The new shape of the agency will be able to better support and reinforce the work of the EU’s national security agencies by enabling enhanced European cybersecurity capacity. The setting-up of the European Cybersecurity Certification framework is also a great breakthrough for security and privacy by design principles for ICT products, services and processes.

“On the occasion of the new ENISA’s mandate, we want to reiterate our message to all the community: Cybersecurity is above all a matter of human know-how, we have created in Europe a unique knowledge on hardware and software pentesting that make ICT products resistant to potential attacks” explained Stefane Mouille, President of Eurosmart “The increasing and never ending stream of cyber-attacks that Europe has been experiencing over the last 20 years, demonstrates the need to pool the European knowledge in Cybersecurity and increase the capacities of the European response. This is a real question of digital sovereignty.”

Eurosmart particularly appreciates the recent European initiatives to boost its cybersecurity industry in order to compete on global security market.

The Cybersecurity Act sets up a Cybersecurity certification framework for ICT products, services and processes, such an initiative will definitively contribute to the completion of the European Digital Market for Cybersecurity. At the same time, this framework shall enhance the European Cybersecurity competitiveness by fully exploiting its assets and unique know-how such as penetration testing while evaluating critical products. Eurosmart and its members pay particular attention to the level of resistance to potential attacks for products placing on the European Market. The European cybersecurity framework is a unique tool to promote the European values in terms of data privacy, security by design and security by default for all digital goods.

“Digital is like gravity, its everywhere in our life” said Stefane Mouille “interconnexion of devices, networks and infrastructures is a real benefit for our societies, social life and economy but widen at the same time the surface for potential attacks. From malicious script kiddies to criminal and terrorist organisations, a wide range of new threats are emerging with the IoT deployment and the future 5G decentralised infrastructures. The European Digital market and our interconnected infrastructures shall be well prepared and become even more resilient by using European certified ICT products, services and processes”.

By referring future trustworthy European cybersecurity certification schemes in its future legislation, the European Union could impose a certain level of security alongside current safety requirements, and thus to address sectorial cybersecurity issues to the benefit of the European citizens.

Eurosmart holds a long track records in promoting Cybersecurity Certification methodologies through a 24-year-old sound collaboration with SOGIS (Senior Official Group Information System Security) that set out a mutual recognition of security certificates for the highest levels. By operating two of the SOGIS technical working group on Hardware attacks and Evaluation methodology, Eurosmart welcomes the fact that the Commission and the Member States have been working on the transposal of these unique asset at the European level through a dedicated European certification scheme. Eurosmart, as a pool of digital security experts remains committed in the technical achievement of an ambitious European Cybersecurity Certification Framework which could become a world-wide reference in terms of reliability, and at the same time promote the European values.