On March 20, MEP Pilar del Castillo and EIF invited MEPs, EIF Members and friends, to exchange views on the proposed EU Cyber Security Act, and a much needed global approach.
The respective draft legislation by the European Commission’s proposes inter alia an expansion of the mandate of ENISA and a framework for the creation of harmonized EU cybersecurity certification schemes with the overall view to advance cybersecurity and to increase the trust in digital products and services.
MEP del Castillo believes that there is great potential to improve cyber security and resilience, and respond to cyber threats. She supports a permanent mandate for ENISA, Europe's cybersecurity agency, and enhancing cooperation and crisis management across the EU. In her view this a very important piece of legislation to finalise the EU DSM.
The European Parliament's rapporteur on the file, Angelika Niebler, strongly believes that trust is the most important element from a consumer’s or industry's perspective. Users and companies alike, need to have confidence on IT solutions especially now that the Internet of Things is becoming a reality, services that heavily rely on data. The rapporteur supports and enhanced ENISA that would work in coordination with national agencies. Regarding certifications, she now believes that a mandatory system would be the best solution.
Despina Spanou, Director for Cybersecurity at the European Commission and responsible for the proposal, highlighted the importance of GDPR in the Commission's strategy and its impact on cybersecurity, enhancing cooperation between Member States and emergency response teams, thus creating the perfect conditions for developing a new strategy. Also, ENISA has fulfilled a capacity building role by supporting Member States in the creation of national agencies.
Ilias Chantzos, Senior Director Government Affairs at Symantec, stressed that certification legislation is not version two of the Directive on security of network and information systems (the NIS Directive). From an industry standpoint ENISA’s mandate is the less controversial topic, they want certification to succeed but consider this success dependent on the scheme’s governance, simplicity and the market dimension’s.
In this EIFAsks video, MEP Angelika Niebler, the European Commission Director for Cybersecurity Despina Spanou and Ilias Chantzos from Symantec, confer upon the Commission's initiative to counteract future cyber threats and attacks.