The Commission and the European Agency for Cybersecurity (ENISA) have announced the creation of the Stakeholders Cybersecurity Certification Group (SCCG), which will advise them on strategic issues regarding cybersecurity certification, while at the same time it will assist the Commission in the preparation of the Union rolling work programme. Furthermore, its aim, as foreseen by the EU Cybersecurity Act that was adopted a year ago, is to create market driven certification schemes and help reduce fragmentation between various existing schemes in the EU Member States.

picture of a person with laptop and phone

The first meeting of the Group is taking place today.

Thierry Breton, Commissioner for the Internal Market, said:

Not only will certification play a crucial role in increasing trust and security in ICT products, but it will also provide European companies with the necessary tools to demonstrate that their products and services have state of the art cybersecurity features. This will in turn allow them to better compete in the global market. The Stakeholder Cybersecurity Certification Group will help by bringing about the needed expertise and advice for the creation of a tailored and risk-based EU certification system.

Juhan Lepassaar, Executive Director of ENISA, added:

Cybersecurity certification aims to promote trust in ICT products, processes and services while at the same time tackling the fragmentation of the internal market, thus reducing the costs for those operating in the Digital Single Market. The Stakeholder Cybersecurity Certification Group will form part of the community that helps build and raise awareness of the EU schemes.

The Group consists of representatives from an array of organisations that include academic institutions, consumer organisations, conformity assessment bodies, standard developing organisations, companies, trade associations and many others. The EU is working in building the necessary cybersecurity capabilities to prevent and counter the ever-changing cyber threats and attacks.