PAe - Published the European regulation on cybersecurity
the accesskey _ mod _ content

Published on European regulation on cybersecurity

10 June 2019

June 7 was published in the regulation DOUE 2019/881 of the European parliament and the council relating to ENISA (European agency for cybersecurity) and certification of cybersecurity of information technologies and communication and repealing Regulation 526/2013 (regulation on cybersecurity).

The Regulation on cybersecurity (Opens in new window) , establece, por un lado, los objetivos, tareas y aspectos organizativos relativos a ENISA (agency of the European Union for cybersecurity) (Opens in new window) ; y, por otro lado, un marco para la creación de esquemas europeos de certificación de la ciberseguridad, al objeto de garantizar un nivel adecuado de ciberseguridad de los productos, servicios y procesos de TIC en la UE, así como de evitar la fragmentación del mercado interior en el terreno de los esquemas de certificación de la ciberseguridad. Entrará en vigor el 27 de junio de 2019.

Firstly, develop aspects regarding ENISA that will help reduce the fragmentation of the internal market acting as a reference point for advice and expertise in cybersecurity in the HAT. The regulation establishes its objectives, tasks, organization, forecasts on your budget, staff, and other general provisions, as its legal status.

ENISA tasks include: contribute to the development and implementation of policy and the right of the union; attend building capacities of cybersecurity; support cooperation between member states, institutions, bodies and agencies and union among stakeholders (CERT-UE, network of CSIRT, cyber exercises, reports on the situation of cybersecurity, cooperative response); market, certification of cybersecurity and standardization; knowledge and information; awareness and education; research and innovation; and international cooperation.

The second big issue that addresses the regulation is the creation of the European framework for certification of cyber security which pursues a harmonized approach of European certification schemes of cybersecurity in the HAT, with the aim of creating a digital single market for products, services and processes of TIC.

This European framework of certification of cybersecurity defines a mechanism for European certification schemes of cyber security, and to confirm that the products, services and processes of TIC that have been evaluated according to these schemes to meet safety requirements specified with the objective of protecting the availability, authenticity, integrity and confidentiality of data stored, transmitted or processed or functions or services offered, or those that allow access, such products, services and processes throughout their life cycle.

The Commission (Opens in new window) publish a rolling programme of work for the European certification schemes cybersecurity that define the strategic priorities for future schemes. Includes a list of products, services and processes of Tick, or categories of the same, that could benefit their inclusion in the scope of an outline of European certification of cybersecurity.

También establece el Reglamento las condiciones para la solicitud, reparación, adopción y revisión de esquemas europeos de certificación de la ciberseguridad; así como sobre sus objetivos, elementos, niveles de garantía, difusión. También establece previsiones sobre la certificación de la ciberseguridad; los Esquemas y certificados nacionales de certificación de la ciberseguridad; las autoridades nacionales de certificación de la ciberseguridad; los organismos de evaluación de la conformidad; y sobre un Grupo Europeo de Certificación de la Ciberseguridad de nueva creación.

Original source of the news (Opens in new window)

  • Security
General access point
General access point