On 2 July, the European Union Agency for Cybersecurity, ENISA, launched a month-long public consultation for the first candidate cybersecurity certification scheme, the Common Criteria based European cybersecurity certification scheme (EUCC). The scheme aims to replace the existing schemes operating under the SOG-IS MRA for ICT products, to add new elements and to extend the scope to cover all EU Member States.

ENISA

The EU Cybersecurity Act of 2019 (CSA) lays down an EU cybersecurity certification framework for the purpose of ensuring an adequate level of cybersecurity for ICT products, ICT services and ICT processes in the Union, as well as of avoiding fragmentation of the internal market. ENISA’s task under the CSA is to prepare and develop candidate cybersecurity certification schemes with the involvement and support of stakeholders and a working group.

This new candidate scheme aims to further improve the Union’s internal market conditions for ICT products, and positively affects the ICT services and ICT processes relying on such products.

The public consultation launched by ENISA allows interested parties to provide feedback on the draft of the EUCC candidate scheme. The outcome of the public consultation will be processed and shared.

To participate in the Public Consultation, please, visit the EUCC Consultation Survey

Before answering, please, consult the Draft of the EUCC Candidate Scheme.