11 Oct 2018 European Cybersecurity Competence Centre- Answer to public consultation

On the 13^th of September, Eurosmart – the voice of the Digital Security Industry – welcomed the European Commission proposal for a regulation establishing the European Cybersecurity Competence Centre (ECCC) and its related Community.

Eurosmart is fully committed to the achievement of the European Digital Single Market and supports all the efforts made by the European Commission to boost the European cyber-resilience and to create a competitive European cybersecurity industry.

The establishment of strong links between the European research in the field of cybersecurity, Public Authorities, cybersecurity product manufacturers and solution providers is one of the paramount objectives that Eurosmart shares with the European Commission.

With the aim of encouraging the Cybersecurity ecosystem in Europe and competing on a global cybersecurity market, Eurosmart expects from the future ECCC:

1. Capitalising on the cybersecurity public-private partnership approach

The Cybersecurity public-private partnership and the creation of the European Cybersecurity Organisation (ECSO) laid the groundwork to mutualise knowledge and enhance the collaboration amongst stakeholders involved in Cybersecurity. Eurosmart supports the European Commission proposal to capitalize on lesson learned from the cPPP and argues for enhanced cybersecurity actions through working groups of the Cybersecurity Community.

2. Pursuing the objectives of the Cybersecurity act

The ongoing proposal for a Cybersecurity Act would establish a European Cybersecurity certification framework. This proposal will give impetus to the whole Cybersecurity Industry which would take advantage of a robust, trusted and scalable Cybersecurity Certificate. This proposal will contribute to the European cyber-resilience for both companies and citizens.

Eurosmart sees a unique opportunity to consolidate this approach and its community through the ECCC by sharing know-how amongst the stakeholders. The Digital Security Industry advocates for the State-of-the-Art (SOTA) within the upcoming EU certification framework and is ready to contribute to the debate. Namely, those involved could take benefit from the development of proposal regarding candidate certification scheme.

ECCC could be a relevant tool to invite all the actors (SMEs included) to gain access or to shape proposals on candidate certification scheme. This activity would require full involvement of ENISA and competent authorities in the Community as well as high degree of representation of the diversity of the European cybersecurity ecosystem.

Regarding standardisation in the field of Cybersecurity, a further collaboration with the European Standardisation Organisations (ESOs) should be agreed and more specifically with the eventual working groups related to the EU Cybersecurity Certification Framework.

3. Strengthening the level of investment in Cybersecurity infrastructures product and solutions in Europe

Eurosmart supports the idea of specific investments for Cybersecurity and advocates for the identification of clear budget lines of Digital Europe and Horizon Europe programmes which would be dedicated to the ECCC and its actions. The Digital Security Industry is convinced that a more consistent and specific approach will enable the involvement of actors in the Competence Centre.

Once the ECCC is established, the Member States should be encouraged to leverage innovations and solutions from both the research in the field of Cybersecurity and the European Industry. To achieve this goal, a political impetus from the European Union could be triggered with the support of the Community.