OpenLobby.EU
Explore

Review of ENISA Regulation and laying down a EU ICT security certification and labelling

Digital economy and society

Links

Public consultation

ID: 1090

Lobbying Activity

38 responses

Business lobby urges voluntary EU cybersecurity certification schemes

BUSINESSEUROPE, 30 Nov 2017

BUSINESSEUROPE requests voluntary certification schemes with bottom-up development involving industry stakeholders. They oppose one-size-fits-all approaches and want flexibility for self-certification. The organization argues schemes must be dynamic, industry-relevant, and affordable before any mandatory market access rules.
This would reduce compliance costs and avoid burdensome certification requirements for members.
Consumers lose stronger mandatory security standards for IoT devices and services.

Microsoft urges EU certification harmonization to reduce costs

Microsoft Corporation, 6 Dec 2017

Microsoft requests voluntary, flexible certification schemes based on existing international standards like ISO 27000 and NIST. They want mutual recognition across Member States to function as a 'one-stop-shop' and greater private sector involvement in scheme development.
This would reduce their compliance costs across EU markets and boost efficiency.
National certification bodies lose revenue from country-specific schemes being replaced by EU-wide standards.

Microsoft Urges Flexible EU Cybersecurity Certification Framework

Microsoft Corporation, 4 Aug 2017

Microsoft supports strengthening ENISA with enhanced capacity building, policy guidance, and incident response coordination. For certification, they advocate for a voluntary framework based on international standards rather than rigid EU-specific schemes, with clear distinction between consumer labelling and enterprise certification.
This would reduce compliance costs from navigating different certification schemes across EU member states.
Consumers and enterprises lose if rigid certification creates false security and delays deployment of latest protections.

Consultation response

American Chamber of Commerce to the European Union, 4 Dec 2017

We acknowledge the EU’s legitimate ambition to strengthen its cyber industrial base with a focus on emerging technologies. The threats facing Europe are global in nature, maintaining and improving international cooperation with public and private partners is and will remain essential to keep Europe…

Consultation response

DIGITALEUROPE, 6 Dec 2017

As part of the Cybersecurity Package, the European Commission’s Cybersecurity Act is based on two pillars, the second one proposing the creation of an European framework for Certification Schemes for ICT products and services. This proposal is of particular importance to DIGITALEUROPE, which…

Consultation response

Orgalim – Europe's Technology Industries, 25 Jul 2017

See Orgalime's recently published position paper "Strengthening Trust and Transparency in IoT" on this issue: http://www.orgalime.org/position/orgalime-position-paper-strengthening-trust-and-transparency-iot Executive Summary: The European Engineering Industries which Orgalime…

Consultation response

European Banking Federation, 6 Dec 2017

The European Banking Federation (EBF) is the voice of the European banking sector, uniting 32 national banking associations in Europe that together represent some 4,500 banks - large and small, wholesale and retail, local and international - employing about 2.1 million people. Launched in 1960, the…

Consultation response

ITI - The Information Technology Industry Council, 6 Dec 2017

The Information Technology Industry Council (ITI) welcomes the European Commission’s Cybersecurity package, including the Proposed Regulation on cybersecurity certification. While we support the overall objectives of the Package, we would like to highlight some concerns and recommendations…

Consultation response

The Danish Chamber of Commerce, 5 Dec 2017

The Danish Chamber of Commerce welcomes the Commission’s proposal for a new Cybersecurity Act. We support the extension of resources and mandate to ENISA, but our main interest lays within title III of the proposal concerning the EU cybersecurity certification scheme. While we support the idea of…

Consultation response

The Danish Chamber of Commerce, 3 Aug 2017

The Confederation of Danish Enterprise would like to thank the Commission for the opportunity to provide feedback to the IIA on ENISA and ICT certification and labelling. Cybersecurity is an issue of vital importance in our increasingly digitalized economy and society. We therefore welcome the…

Consultation response

SAP, 6 Dec 2017

An economically viable certification scheme for the software industry must be of global scale, spanning nations, verticals and organizations. If schemes are instantiated under the auspices of individual nations or organizations, mutual recognition agreements, like they exist, for instance, to a…

Consultation response

Business Software Alliance, 6 Dec 2017

BSA | The Software Alliance (BSA), the leading advocate for the global software industry, welcomes the opportunity to provide its views on the European Commission’s proposal for Regulation on ICT Cybersecurity Certification. We commend the continued efforts of the European Commission to…

Consultation response

Business Software Alliance, 4 Aug 2017

BSA | The Software Alliance (BSA), the leading advocate for the global software industry, welcomes the opportunity to comment on the European Commission’s inception impact assessment on the ‘Proposal for a Regulation revising the ENISA Regulation (No 526/2013) and laying down a European ICT…

Consultation response

London Stock Exchange Group, 6 Dec 2017

London Stock Exchange Group (LSEG) is delighted to have the opportunity to provide feedback on the European Commission’s proposal for a regulation on ENISA and on ICT cybersecurity certification. As one of the largest operators of safe, efficient and diversified international financial market…

Consultation response

European Cockpit Association, 17 Nov 2017

The European Cockpit Association (ECA) was created in 1991 and is the representative body of European pilots at European Union (EU) level. It represents over 38,000 European pilots from the National pilot Associations in 37 European states. In addition, ECA has 2 Associate Members from outside the…

Consultation response

Fédération Française de l'Assurance, 6 Dec 2017

The French Insurance Federation (FFA) welcomes the opportunity to comment on the cybersecurity package. The insurance industry is closely following the developments related to cybersecurity at EU level, in particular with regards to the increasing extent of cyberattacks and their impact. Insurers…

Consultation response

European Cyber Security Organisation, 29 Nov 2017

ECSO represents the contractual counterpart to the European Commission for the implementation of the Cyber Security contractual Public-Private Partnership (cPPP). Since the publication of the package, we have gathered comments both from the ECSO Board and from many ECSO members to provide the…

Consultation response

TIC Council, 25 Jul 2017

IFIA, representing the global independent testing, inspection and certification sector, support the preliminary policy option 3 for certification as this option would support a coherent regulatory framework across the Single Market. Harmonizing the diverging certification schemes currently in…

Consultation response

The European Consumer Voice in Standardisation, 28 Jul 2017

ANEC supports the preliminary policy option 3 ‘Propose an ICT security legislation based on the 2008 New Legislative Framework (‘New Approach legislation’) as a coherent regulatory framework across the EU with clear requirements would ensure that products and services are designed with…

Consultation response

Cloudflare, 2 Aug 2017

Cloudflare is an Internet security company working to help build a better Internet. We protect more than 6 million web properties around the world from Distributed Denial of Service (DDoS) attacks. With over 115 data centres in more than 50 countries, we serve approximately 10% of global Internet…

Consultation response

TÜV-Verband e. V., 2 Aug 2017

Dear Madam or Sir, VdTÜV - listed in transparency register 45013506457-28 - and its members do actively contribute to the marketing of compliant goods in the Internal Market. Herewith, we would like to give feedback on the roadmap and inception impact assessment for a proposal for a…

Consultation response

Council of European Energy Regulators, 5 Dec 2017

The attached document is the response of the Council of European Energy Regulators (CEER - https://www.ceer.eu/) to the European Commission's proposed Cybersecurity Package. This document will be published after the period for public comment is complete (planned publication date 8 December 2017).…

Consultation response

OpenForum Europe AISBL, 6 Dec 2017

OpenForum Europe (OFE) welcomes the ongoing debate about cybersecurity at the EU policy level. Cybersecurity is of utmost importance for digitisation, for the Digital Single Market and for the societal acceptance of digital transformations and the uptake of new technologies in general. However, OFE…

Consultation response

Grup Mediapro SLU, 4 Aug 2017

MEDIAPRO Group is the leading contents and services supplier to the audiovisual sector. The company produces and distributes audiovisual content in almost any format and with any technology, for any audiovisual support. From live sports to feature film and broadcast, our contents need to match the…

Consultation response

OpenForum Europe AISBL, 4 Aug 2017

Security is a core priority for the Information Communication Technology (‘ICT’) sector, in order to prevent abuse, cyber crime, and attacks on critical infrastructure, to protect personal information, and thereby to mitigate related socio-economic cost. The ICT sector has a vested interest in…

Consultation response

CSC - IT Center for Science Ltd., 5 Dec 2017

CSC – IT Center for Science Ltd. (CSC) is a government owned non-profit Finnish center of expertise in ICT developing, integrating and providing services for research, education, culture, public administration, and enterprises. As a key actor of the Finnish research system, CSC’s services include…

Consultation response

ISACA, 6 Dec 2017

To Whom It May Concern, I am providing comments on behalf of ISACA on the Cybersecurity Package. Please contact me, jgremmels@isaca.org, with any questions. Best, Jen Gremmels

Consultation response

Gemalto SA, 6 Dec 2017

Gemalto warmly welcomes the Commission’s initiative to create a certification framework at the EU level. Efficient and fair certification schemes, coupled with comprehensive labelling will enable European citizens to have confidence in new digital products and services. To be efficient and…

Consultation response

EUROSMART, 6 Dec 2017

Eurosmart, the Voice of the Digital Security Industry, is pleased to submit its feedback on the Cybersecurity Package. The documents under comments are: - Impact assessment - SWD(2017)500/948161 - Part 4 - Impact assessment - SWD(2017)500/948161 - Part 5 This document gathers comments from…

Consultation response

Fédération des Industries Electriques, Electroniques et de Communication, 1 Dec 2017

Please see attached document.

Consultation response

International Confederation of Inspection and Certification Organizations, 25 Jul 2017

CEOC, representing the European independent testing, inspection and certification sector, support the preliminary policy option 3 for certification as this option would support a coherent regulatory framework across the Single Market. Harmonizing the diverging certification schemes currently in…

Consultation response

LEET Security, 6 Dec 2017

LEET Security | ICT Security Rating Agency, the first rating agency in Europe working on labeling cyber security in services, welcomes the opportunity to provide its views on the European Commission’s proposal for Regulation on ICT Cybersecurity Certification. Please find our comments on the…

Consultation response

, 6 Dec 2017

Feedback is hereby provided on the proposal for a European Cyber Security Certification Framework within the proposed Cyber Security Act. Proper process: IBM supports the notion of security certification, which is a well-established practice and can work effectively when they are developed in…

Consultation response

Verbund der Telekommunikations-Endgerätehersteller, 6 Dec 2017

Please see the attachment for our feedback to the Cybersecurity Act.

Consultation response

Sigfox, 5 Dec 2017

Sigfox welcomes the opportunity to provide the following feedbacks on the Cybersecurity Act Draft Regulation and its impact assessments to the European Commission. Sigfox has taken this opportunity to provide its comments based on its experiences as regards to the technical aspects of cybersecurity…

Consultation response

Alliance pour la Confiance Numérique, 1 Dec 2017

ACN wholly agree with the European Commission's objectives to harmonise legislation governing cybersecurity mechanisms in Europe, in particular with regard to certification. This is especially timely as the increased digitisation of all economic activity and sectors creates a major strategic need…

Consultation response

, 3 Aug 2017

VDMA represents around 3,200 companies in the engineering industry, mostly SMEs. As suppliers of intelligent production systems, our companies consider Cybersecurity an essential enabler of a connected industry. We firmly believe that a security framework must be part of the EU-Single Market. If…

Consultation response

European co-operation for Accreditation, 10 Jul 2017

Regarding the "Preliminary policy options – Certification" the following option should be implemented: Option 3: Propose an ICT security legislation based on the 2008 New Legislative Framework. This would require the adoption of a new legislative instrument setting out mandatory harmonised…