EU considers expanding cyber security certification program to include more areas – Security

The proposed cyber security labelling rules in the European Union may have a wider scope than originally anticipated. In addition to Amazon, Google, and Microsoft, these rules could also impact banks and airlines, according to the latest draft of the rules.

EU mulls wider scope for cyber security certification scheme


The EU is taking this step as Big Tech companies seek to enter the government cloud market for future growth. Additionally, the recent popularity of OpenAI’s ChatGPT and the potential for artificial intelligence could increase demand for cloud services.

The latest proposal from the EU cybersecurity agency, ENISA, focuses on an EU certification scheme (EUCS) that guarantees the cybersecurity of cloud services. It determines how governments and companies in the European Union choose their vendors.

The document maintains key provisions from previous drafts, including a requirement for US tech giants to form a joint venture with a company based in the EU in order to obtain the EU cybersecurity label.

Other provisions state that cloud services must be operated and maintained within the EU. Additionally, all customer data processed and stored must be within the EU, with EU laws taking precedence over non-EU laws concerning the cloud service provider.

These obligations apply to the highest security level, with four levels in total. The latest draft allows for the possibility of extending these strict requirements to the third highest security level as well.

The latest draft is currently under review by EU countries. After this, the European Commission will finalize the scheme.

The potential broadening of the scope has raised concerns from the tech lobbying group CCIA, as it would have a larger impact on various industries. Alexandre Roure, CCIA Europe’s public policy director, highlighted the possibility that requirements discriminating against foreign cloud providers could also be extended to lower levels of assurance, affecting sectors such as banks, airlines, utility companies, and heavily regulated industries.

Last week, the European Banking Federation (EBF) along with other financial groups criticized the sovereignty requirements.

Unlock your business potential with our expert guidance. Get in touch now!

charts-graphs-data-2-Kittiphat-adobe.jpg

NasuniIQ Introduces Visual Representation for Handling Large Unstructured Datasets

tr-todoist-alternatives.jpg

Top 7 Todoist Alternatives & Competitors to Consider in 2024

searchEnterpriseAI_055.png

Birmingham City Council Seeks an Additional £45m to Address Critical Issues with Oracle System

tr_20240216-microsoft-powershell-certification-automation.jpg

Discover 6 PowerShell Courses That Teach Automating Admin Tasks at $20

music-drum-guitar-microphone-adobe.jpeg

Switch to Pure results in music agency cutting space and energy costs by half

tr_20240216-square-vs-onpay.jpg

A Comparison of Payroll Software: Square Payroll vs OnPay for 2024

Women-business-diversity-1-adobe.jpg

Tech Diversity Hindered by Misunderstandings and Underrepresentation