Draft communication on the new cybersecurity strategy

11 September 2017
Last week, Politico published a leaked version of a Commission’s draft communication on the new cybersecurity strategy. This document is likely to be officially released this week, together with a proposal for a regulation on security certification and labelling.
The Commission states that it wants to encourage a cybersecurity single market through a cybersecurity certification and labelling framework. The framework schemes would be voluntary and, thus, would not create regulatory obligations for vendors nor providers. Nevertheless, some schemes might give rise to regulatory or legislative requirements. ENISA would be at the heart of this new certification and labelling framework.
In addition, the Commission intends to foster the full implementation of the NIS Directive and will issue recommendations on Member States’ best practices. A permanent mandate will be conferred to ENISA, which will be entrusted with helping Member States in implementing the NIS Directive.