The Regulation on cybersecurity sets, on the one hand, objectives, tasks and organizational aspects relating to ENISA (agency of the European Union for cybersecurity) ; y, por otro lado, un marco para la creación de esquemas europeos de certificación de la ciberseguridad, al objeto de garantizar un nivel adecuado de ciberseguridad de los productos, servicios y procesos de TIC en la UE, así como de evitar la fragmentación del mercado interior en el terreno de los esquemas de certificación de la ciberseguridad. Entrará en vigor el 27 de junio de 2019.
Firstly, develop aspects regarding ENISA that will help reduce the fragmentation of the internal market acting as a reference point for advice and expertise in cybersecurity in the HAT. The regulation establishes its objectives, tasks, organization, forecasts on your budget, staff, and other general provisions, as its legal status.
ENISA tasks include: contribute to the development and implementation of policy and the right of the union; attend building capacities of cybersecurity; support cooperation between member states, institutions, bodies and agencies and union among stakeholders (CERT-UE, network of CSIRT, cyber exercises, reports on the situation of cybersecurity, cooperative response); market, certification of cybersecurity and standardization; knowledge and information; awareness and education; research and innovation; and international cooperation.
La segunda gran cuestión que aborda el Reglamento es la creación del marco europeo de certificación de la ciberseguridad que persigue un planteamiento armonizado de esquemas europeos de certificación de la ciberseguridad en la UE, con el objetivo de crear un mercado único digital para los productos, servicios y procesos de TIC.
This European framework of certification of cybersecurity defines a mechanism for European certification schemes of cyber security, and to confirm that the products, services and processes of TIC that have been evaluated according to these schemes to meet safety requirements specified with the objective of protecting the availability, authenticity, integrity and confidentiality of data stored, transmitted or processed or functions or services offered, or those that allow access, such products, services and processes throughout their life cycle.
The Commission publish a rolling programme of work for the European certification schemes cybersecurity that define the strategic priorities for future schemes. Includes a list of products, services and processes of Tick, or categories of the same, that could benefit their inclusion in the scope of an outline of European certification of cybersecurity.
Also establishes the rules conditions for the application, repair, adoption and revision of European certification schemes of cybersecurity; as well as its objectives, elements, levels of security, dissemination. Also provides forecasts on the certification of cybersecurity; the outlines and national certification certificates of cybersecurity; the national authorities of certification of cybersecurity; agencies of conformity assessment; and on a group Of European Certification of cybersecurity new posts.