|Author (Corporate)||Council of the European Union, European Parliament|
|Series Title||Official Journal of the European Union|
|Series Details||L 151|
Regulation of the European Parliament and of the Council of 17 April 2019 strengthening the role of ENISA and setting up a European framework for cybersecurity certification.
This Regulation establishes a European Cybersecurity Certification Framework for ICT products and services and specifies the essential functions and tasks of the European Union Agency for Network and Information Security (ENISA) in the field of cybersecurity certification.
The proposed Regulation was presented on 13 September 2017 by the European Commission. The Council of the European Union adopted its general approach regarding this proposal on 8 June 2018. The European Parliament's relevant committee adopted its position and mandate for negotiations on 10 July.
The proposal was announced as part of the European Union's overhaul of its cybersecurity strategy during the annual SOTEU 2017 address. It follows up on the announcement in 2016 that the European Commission had decided to review Regulation (EU) 526/2013, which provides the second mandate for the ENISA. Its strengthening would also acknowledge the agency's responsibilities under the NIS Directive.
The 2016 Communication on 'Strengthening Europe's cyber resilience system and fostering a competitive and innovative cybersecurity industry' – which announced the review of the role of ENISA – also put forward the idea of establishing a framework for security certification for ICT products and services in order to increase trust and security in the digital single market. The Commission identified ENISA as the natural body to take up the role regarding certification.
|Subject Categories||Business and Industry|
|Subject Tags||Cybersecurity | Cyber-security, Telecommunications|
|Keywords||European Network and Information Security Agency [ENISA]
|International Organisations||European Union [EU]|