Cybersecurity and Data Protection Standards in support of European Policy 

When: Tuesday, 19 September 2017 from 09:00 to 17:30
Where: Brussels - CEN-CENELEC Management Centre
Participation: over 100 persons contributed to the seminar
Presentations: are available via the urls in the seminar programme (pdf format)
Contact: Alina Iatan (CEN-CENELEC) or Slawomir Gorniak (ENISA)

For whom?

To share their challenges and needs, the workshop targetted the stakeholders from all business sectors whose activities are impacted by digital technologies:

  • policy makers;
  • IT security and technology providers;
  • industrial associations and federations;
  • standardization organizations and their communities;
  • societal stakeholders;
  • and other interested parties.


The Data Protection Package is a key enabler of the Digital Single Market and the EU Agenda on cybersecurity. With this event, CEN, CENELEC and ENISA (European Union Agency for Network and Information Security) aimed to explore how the standards-developing world could better respond to the fast-changing, demanding realms of Cybersecurity, Privacy and Data Protection.

The landscape in these (strictly interconnected) domains is rapidly changing. The cyber threats and risks know no borders, are common to all and therefore need to be addressed collectively. European standards are meant to build foundations for a culture of security across sectors which are vital for our economy and society.

European Standardization Organizations play a fundamental role in supporting the implementation of the Data Protection Reform (GDPR and the Directive), of the Directive on the security of Network and Information Systems (NIS Directive ), of the proposal for a Regulation on Privacy and Electronic Communications Code (ePrivacy).

In organizing this event, CEN, CENELEC and ENISA are feeding into the debate on whether the European Union is ready for the digital transformation and identify which specific measures and overall approach will contribute to creating a safer and more trustworthy digital environment.

The conclusions and recommendations of this event provide 'food for thought' for the recently established CEN/CENELEC/TC 13 ‘IT security and data protection’ and CEN/CENELEC/TC 8 ‘Privacy management in products and services’.



An intensive one day event with keynotes and panel discussions that brought around the table policy makers and IT experts from private sector whose contributions will be requested for the development of standards within the newly created CEN-CENELEC Technical committees and ensuring grounds for compliance with the new legal framework on cybersecurity and data protection. 

During the event we did:

  • Explore the standardization opportunities framework under the new Regulations on data protections, namely in relation to specific cyber controls, risk management practices or systems testing;
  • Share good practices and experience on the implementation of trust services;
  • Discuss the latest developments on the framework surrounding IT security market including existing standards and technical guidelines;
  • Exchange views with stakeholders on best practice and operational issues related to data privacy and IT security;
  • Discuss the best way to identify existing international standards for endorsement as European standards