EU considers expanding cyber security certification program to include more areas – Security

Blog
EU considers expanding cyber security certification program to include more areas – Security

The proposed cyber security labelling rules in the European Union may have a wider scope than originally anticipated. In addition to Amazon, Google, and Microsoft, these rules could also impact banks and airlines, according to the latest draft of the rules.

EU mulls wider scope for cyber security certification scheme


The EU is taking this step as Big Tech companies seek to enter the government cloud market for future growth. Additionally, the recent popularity of OpenAI’s ChatGPT and the potential for artificial intelligence could increase demand for cloud services.

The latest proposal from the EU cybersecurity agency, ENISA, focuses on an EU certification scheme (EUCS) that guarantees the cybersecurity of cloud services. It determines how governments and companies in the European Union choose their vendors.

The document maintains key provisions from previous drafts, including a requirement for US tech giants to form a joint venture with a company based in the EU in order to obtain the EU cybersecurity label.

Other provisions state that cloud services must be operated and maintained within the EU. Additionally, all customer data processed and stored must be within the EU, with EU laws taking precedence over non-EU laws concerning the cloud service provider.

These obligations apply to the highest security level, with four levels in total. The latest draft allows for the possibility of extending these strict requirements to the third highest security level as well.

The latest draft is currently under review by EU countries. After this, the European Commission will finalize the scheme.

The potential broadening of the scope has raised concerns from the tech lobbying group CCIA, as it would have a larger impact on various industries. Alexandre Roure, CCIA Europe’s public policy director, highlighted the possibility that requirements discriminating against foreign cloud providers could also be extended to lower levels of assurance, affecting sectors such as banks, airlines, utility companies, and heavily regulated industries.

Last week, the European Banking Federation (EBF) along with other financial groups criticized the sovereignty requirements.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
transport-speed-distribution-logistics-adobe.jpg

Digital Catapult Celebrates Shared Infrastructure as a Pathway to Decarbonizing the Logistics Sector

  • GLOBUS.studio
delimited-list-word-tutorial.jpeg

5 Ways to Delete a Page in Word

  • GLOBUS.studio
identity-diversity-people-reshidea-adobe.jpg

From Beauty Icon to Tech Trailblazer: This Year’s Most Influential Woman in UK Technology

  • GLOBUS.studio
tr_20241119-debian-vs-ubuntu.jpg

Which Linux Distribution Is Right for You?

  • GLOBUS.studio
what-is-twake.jpeg

10 Top Free Project Management Tools and Software

  • GLOBUS.studio
tr_20241115-anz-cio-challenges-ai-cybersecurity.jpg

AI, Cybersecurity, and Data Analytics: Trends and Innovations for 2025

  • GLOBUS.studio
tr_20241115-ubuntu-server-the-smart-persons-guide.jpg

Ubuntu Server Quick Reference Guide

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources