A stronger Cybersecurity Certification Scheme for Cloud Services

Since 2021, industry has urged the European Commission to adopt the European Cybersecurity Certification Scheme for Cloud Services (EUCS) and to avoid conflating legal and cybersecurity considerations in a technical instrument. However, concerns remain regarding sovereignty requirements and ownership criteria in ENISA's latest text. To address these concerns, policymakers should explain the impact of different assurance levels on cloud service users and critical entities, as well as the rationale behind applying varying levels of assurance. Learn how the European Union can enhance cybersecurity for cloud services.