You are here
EU Cybersecurity Act: improved governance framework, but progress still needed
Security certification is a well-established tool that increases resilience and awareness for business users and consumers. AmCham EU supports the objective of the European Commission’s proposal to reduce administrative costs and ensure there is a stronger and more harmonised approach to cybersecurity certification.
Cybersecurity is a joint responsibility of government and industry, and the most effective way of advancing it is through public-private partnerships involving open dialogue and trusted collaboration. Under the future EU certification framework, it is of paramount importance that companies maintain the ability to develop the security system features best designed for their unique risk situation.
The governance framework defined in Title III of the EU Cybersecurity Act should promote a market-driven, inclusive and risk-based approach. We welcome the fact that the report adopted by the European Parliament’s industry committee enhances the legislative text in a number of areas such as a broadened scope and strengthened industry involvement; we urge co-legislators to include further improvements to ensure that the EU certification schemes will be practical for EU’s security needs.