Building on progress made, we stress the need for openness and transparency in implementation
On the occasion of the into force of the EU Cybersecurity Act on 27 June 2019, OpenForum Europe (OFE) wishes to reiterate its strong support for an institutionally bolstered and better resourced European Cybersecurity Agency. We look forward to continue to provide input into the upcoming Cybersecurity Certification Framework. Cybersecurity is a fundamental practice to safeguard citizens, businesses and government agencies in the use of the internet. Certification assists in this endeavour by promoting secure products, services and business practices/processes in the marketplace.
Since the first draft of the proposed regulation, OFE has constructively worked with the European Parliament, Member States and the Commission to ensure the future Cybersecurity Certification framework and subsequent schemes significantly boost Europe’s cybersecurity resilience and respond to the needs of a broad range of technical experts involved in standardisation and cyber-related technology. OFE is pleased that a number of its suggested proposals were incorporated into the final regulation, including an annual work program of anticipated schemes, the Stakeholder Cybersecurity Certification Group (SCCG), and the ability for stakeholder representation in specific working groups.
All of these improvements enable stakeholders to plan and advise the Commission and the ENISA during all phases of a scheme’s lifetime. Moreover, it represents an opportunity to share technology trends and better interface with the global standardisation and open source developer communities. OFE also welcomes the inclusive definition of standards and technical specifications that are eligible for inclusion in cybersecurity schemes, thereby better aligning with Regulation 1025/2012 as thus acknowledges the global nature of the cybersecurity ecosystem.
OFE is an active member of the ICT Multi Stakeholder Platform (MSP) and looks forward to continuing to build its close co-operation within and between the MSP, the SCCG, the Commission and ENISA to ensure alignment of rolling plans and advising on appropriate standards and technical specifications that can be used as the basis for certification schemes.