Eurosmart Welcomes Adoption of the EUCC Scheme, Advocates Collaborative Approach for Sustainable Implementation

Eurosmart Welcomes Adoption of the EUCC Scheme, Advocates Collaborative Approach for Sustainable Implementation

Eurosmart, the leading association representing the digital security industry in Europe, warmly welcomes the recent adoption of the very first EU-wide cybersecurity certification scheme “EU Common Criteria (EUCC) scheme”. This development marks a pivotal step towards strengthening the certification landscape and enhancing digital security across Europe.

The EUCC scheme, adopted by the European Commission, represents a significant milestone in bolstering Europe’s resilience against evolving cyber threats and advancing trust and security in digital technologies. Eurosmart’s extends its appreciation to ENISA for its significant contribution to preparing the scheme and acknowledges the collaborative effort involving a wide range of stakeholders to make the best use of the SOG-IS legacy.

Eurosmart emphasizes the importance of collaboration among policymakers, national agencies, industry stakeholders, and cybersecurity experts in effectively implementing and maintaining the EUCC scheme. through ongoing dialogue and collaboration with the ECCG, ENISA, the European Commission, and national agencies, Eurosmart is committed to supporting the successful implementation and evolution of the EUCC scheme.

Eurosmart and ENISA’s Technical group – maintenance (TGM) have already proposed several scenarios to establish long-lasting framework, drawing upon the SOG-IS technical groups and ensuring a forward-looking approach to new technical domains. Concrete steps are now imperative to solidify stakeholder support for scheme maintenance.

Moreover, as Europe accelerates its digital transformation and establishes a legal framework to bolster the resilience of innovative technologies, cybersecurity certification becomes pivotal for the industry to demonstrate product compliance with legal requirements.

The European legislator increasingly refers to certification schemes to ensure the proper implementation of many new cyber legislations such as the AI Act, EU Digital Identity Framework, NIS2, and Cyber Resilience Act. In essence, Europe depends on cybersecurity certification to provide the so-called “compliance” and “presumption of conformity.”

The EU CC is, therefore, expected to encompass a broad spectrum of applications, and additional efforts shall be made to adapt it to evaluate new types of products and different security levels. Industry involvement in such processes is crucial to ensuring that certified products, processes, and services gain broader acceptance and recognition within the EU market, fostering a conducive environment for digital innovation and economic growth. Eurosmart and the digital security industry remain dedicated to contributing to the increase of the scope of applications, advancing cybersecurity best practices, promoting innovation, and safeguarding.