Related items

The revision of the Public Procurement Directive (PPD) is a critical opportunity to unlock the full value of public procurement for European competitiveness and resilience. A simpler, more consistent and quality-driven framework would strengthen market access, attract a wider range of bidders and enable public buyers to select best-in-class solutions. 

The revision should prioritise practical ‘how to buy’ reforms, including digitalisation, standardised templates and reusable documentation, to reduce administrative burdens and increase participation. In parallel, ‘what to buy’ reforms should focus on transparent and verifiable criteria that reward performance, security and life-cycle value while avoiding unnecessary complexity that risks reducing competition. 

Learn how, if designed effectively, the PPD can support innovation, resilience and better outcomes for public buyers across the EU. 

Cisco is strengthening France’s role in the global digital economy with the launch of its Global AI Hub, announced at the 2025 Choose France Summit. The hub will focus on secure, energy-efficient artificial intelligence (AI) infrastructure, innovative cooling solutions for data centres and support for the startup ecosystem. To address future workforce needs, Cisco will also train 230,000 people in France over the next three years through its Networking Academy, covering fields such as cybersecurity, data science and AI. Building on nearly 400,000 individuals already trained in France, this investment supports Cisco’s EU-wide commitment to train 1.5 million people by 2030. Read more on Invested in Europe. 

The European Commission’s proposal to revise the Cybersecurity Act (CSA2) comes at the right moment, as Europe faces an evolving range of cyber threats. With its measures to reinforce ENISA and make harmonisation the key to a more resilient Single Market, the proposal brings the Act closer to the realities of today’s fast-moving cybersecurity ecosystem. 

However, the Commission’s proposal still fails to go far enough on providing a platform for more active industry engagement. It rightly formalises existing structures but falls short of creating mechanisms that allow for regular expert-level exchanges and meaningful industry feedback into the CSA2 framework, building on lessons learned from the past years. Such exchanges are essential, given industry’s role as a front-line defender against cyber threats. 

Now, as the file moves to the European Parliament and the Council of the EU, the co-legislators must ensure certification schemes under the CSA2 remain based on technical criteria. The EU’s cybersecurity needs should be a matter for sober, technical analysis. AmCham EU therefore supports the proposal's structural distinction between technical certification and non-technical supply chain risks. Maintaining this separation prevents restrictive requirements that limit choice, reduce competition and slow innovation. 

The same approach is necessary for the proposal’s provisions to secure critical infrastructure under the new ‘Trusted ICT Supply Chain Framework’ (Title IV). These measures must also be underpinned by an objective, evidence-based approach to ‘non-technical risks’. At the same time, measures involving restrictions on data transfers must be aligned with international agreements to avoid unintended disruptions to global operations. 

Ultimately, US companies share the EU’s commitment to securing the region’s digital resilience. AmCham EU members invest heavily in security and stand ready to support the delivery of a framework that keeps Europe open, secure and competitive.