Memorandum of Understanding between CEN, CENELEC and the European Cyber Security Organisation (ECSO) 

Brussels, 13 November 2018 - Today Mrs Elena Santiago Cid, Director General of CEN and CENELEC, together with Mr Luigi Rebuffi, Secretary General of ECSO, co-signed the Memorandum of Understanding for future cooperation. The aim is to ensure that standardization from formally recognised European and international organisations is effectively considered as a basis for certifications schemes in the field of cybersecurity.

In September 2017, the European Commission adopted a Cybersecurity Package which builds upon existing instruments and presents new initiatives to further improve EU cyber resilience, deterrence and response. Within the Package, the European Commission has put forward a legislative proposal which foresees a permanent mandate for the European Union Agency for Network and Information Security (ENISA), as well as the creation of a EU certification framework for ICT security products – ‘the cybersecurity act’.

To ensure an effective European approach to cybersecurity certification based on standards from formally recognised European and international organisations, CEN and CENELEC have already established a strong cooperation with ENISA, which is now complemented by the European Commission’s contractual counterpart for the implementation of the Cyber Security Public-Private Partnership (cPPP), the European Cyber Security Organisation (ECSO).

Today’s Memorandum of Understanding represents the basis for a series of relevant actions: foster information sharing; enable a common understanding on standardization initiatives; develop a better understanding of industry needs; establish recommendations on certification schemes based on  standards; and coordinate policy input on the Cybersecurity Package, as well as strategic priorities for the European Commissions’ research and innovation agenda.

In its role, ECSO aims to foster cooperation between public and private actors and reach the goals set out by the cPPP in the field of research and innovation, allowing citizens and businesses to access innovative and trustworthy European solutions. ECSO aims as well to stimulate and support the development of industrial measures geared towards increasing the competitiveness of the cybersecurity industry and harmonising the cybersecurity market in Europe.

ECSO Secretary General Luigi Rebuffi highlighted that “ECSO is developing with its members the European cybersecurity ecosystem, in which research and innovation (R&I) are important building blocks for the European growth. However, innovation should be built upon standards which ensure the promotion of the best practices, interoperability and cyber security requirements in a coherent and consistent way, which are relevant to the interdependence across the value chain in the ICT industry. Standards could also serve as a key instrument to support and ease the certification. In the very dynamic cybersecurity market, standardisation is challenging but fundamental to ensure reliable and trusted solutions, as well as the growth of a competitive European industry. For these reasons, a close cooperation between ECSO and CEN and CENELEC is especially important.

CEN and CENELEC Director General Elena Santiago Cid added: “CEN and CENELEC are active in responding to European industry needs through European and international standardization supported by the CEN-CENELEC/JTC 13 'Cybersecurity and Data Protection'. Our work will from now on be enhanced by the collaboration with ECSO. Together, we will build a trustworthy cyber ecosystem for the benefit of all”.

Download the full press release (pdf format)

For more information, please contact Sarah Penny.