EU Cybersecurity Act enters into force 27th June 2019

27 July 2019

• Cybersecurity
• EU - Cybersecurity

The Cybersecurity Act enters into force  on the 27^th June, 2019, establishing the European cybersecurity certification framework and giving ENISA a permanent mandate, becoming the EU Agency for Cybersecurity. The press release by the European Commission can be found here. You can find the press release by ENISA here.

The immediate next steps of the implementation phase will see the European Commission preparing first requests for ENISA to develop certification schemes and setting-up the governance structure with the establishment of the relevant expert groups:

1. The European Cybersecurity Certification Group (ECCG), comprised of Member State representatives that will have to be appointed by the representatives from their competent authorities;
2. The Stakeholder Cybersecurity Certification Group (SCCG), which will be responsible to advise ENISA and the Commission on general strategic matters relating to the certification framework.

The Commission will also prepare the annual “Union rolling work programme for European Cybersecurity Certification”, which will identify strategic priorities for certification and in particular include a list of ICT products, services or categories thereof. The Union rolling work programme will be subject to a public consultation. The new SSCG will also be at liberty to issue an opinion for each yearly work programme.

BEAMA will have access to this work via Orgalim, who are nominating a representative for the SSCG, T&D Europe Cyber Security TF, Applia Connectivity TF.

The Cyber Security Network Code that the Commission has planned to initiate with the publication of the CSA, has been delayed as the report from the Smart Grid Task Force EG2 has been delayed and is not now expected to be approved until September

 Cybersecurity Act 27062019.pdf  TheEUCyberActataglance.pdf

Return to listing