The European Cybersecurity Act (draft) strengthens the role of ENISA and proposes a European governance structure for product security certification (Cybersecurity Certification Framework). The ZVEI welcomes the goal to promote cyber security with high priority within the EU. The ZVEI statement, however, expresses the strong skepticism of the electrical industry that security certification is introduced as unsuitable substitute for trust and manufactures’ ownership. Furthermore, the framework de facto takes measures in the area of product regulation. If any security product regulation should be created, then, it should be established through the New Legislative Framework (NLF).
For further discussions the statement suggests concrete proposals for an industry-compatible and NLF-compliant alignment of the Cybersecurity Act.
This statement ist actually only available in English.