FERMA
Latest news

European cybersecurity standards for ICT products and services

close-up-of-motherboard

On 17 April 2019, the European Union (EU) adopted the European Cybersecurity Act which introduces a European cybersecurity certification framework for technology (ICT) products, processes and services.

The EU Agency for Cybersecurity, ENISA, is now mandated to work on the development of such a framework for European cybersecurity certificates over the next 12 months. Initially European cybersecurity certification schemes will be voluntary, but the European Commission has until 2023 to determine which European certificates should be mandatory. National certificates will remain valid as long as there is no equivalent at EU level.

Once European certification is in effect, manufacturers, vendors and service providers will go through a single process to obtain a European certificate valid in all member states for their product or service. This will reduce compliance costs for businesses trading cross-border in the EU, which would have otherwise have to apply for certificates in several countries.

The proposed framework will ensure that connected products and internet of things devices manufactured in or for the EU will be developed with cybersecurity measures in-mind from the design stage (security by design).

The objective of the EU is to increase the trust and reliance of citizens and companies in ICT products and services by guaranteeing that they meet specified cybersecurity standards at assurance levels of ‘basic’, ‘substantial’ or ‘high’. Moreover, the Commission believes this could give European companies a competitive advantage worldwide, as the demand for more secure solutions is expected to rise.

“This is a ground breaking development as it is the first internal market law that takes up the challenge of enhancing the security of connected products, internet of things devices, as well as critical infrastructure through such certificates,” says the Commission.

This is a major topic for national cybersecurity agencies like France’s ANSSI and Germany’s BSI, who will speak on the subject at the FERMA Forum in Berlin in November.

Tags: ANSSI, BSI, certificate, certification, cyber security, ENISA, ICT, standard

Share with others

Avenue de Tervuren 273 B12
1150 Brussels (BELGIUM)
Tel: +32 2 761 94 32
Email: enquiries@ferma.eu

Join our newsletter

FOLLOW US

Linkedin X-twitter Youtube

© Copyright FERMA 2025. All rights reserved

Contact us

General Terms and Conditions

Privacy Policy

Cookie Policy

Powered by Fontana Design

Subscribe to our newsletter

* indicates required
Interests

By subscribing to our newsletter, you agree that we may process your information in accordance with our Privacy policy.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at enquiries@ferma.eu.

We use MailChimp as our marketing platform. By subscribing to our newsletter, you acknowledge that your information will be transferred to MailChimp for processing. Learn more about MailChimp’s privacy practices here.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.