Skip to main content
Shaping Europe’s digital future logo

The EU Cybersecurity Act

The Cybersecurity Act strengthens the EU Agency for cybersecurity (ENISA) and establishes a cybersecurity certification framework for products and services.

© iStock by Getty Images -1037348986 Urupong

A new mandate for ENISA

ENISA, the EU Agency for cybersecurity, is now stronger. The EU Cybersecurity Act grants a permanent mandate to the agency, and gives it more resources and new tasks.

ENISA will have a key role in setting up and maintaining the European cybersecurity certification framework by preparing the technical ground for specific certification schemes. It will be in charge of informing the public on the certification schemes and the issued certificates through a dedicated website. 

ENISA is mandated to increase operational cooperation at EU level, helping EU Member States who wish to request it to handle their cybersecurity incidents, and supporting the coordination of the EU in case of large-scale cross-border cyberattacks and crises.

This task builds on ENISA’s role as secretariat of the national Computer Security Incidents Response Teams (CSIRTs) Network, established by the Directive on security of network and information systems (NIS Directive).

A European cybersecurity certification framework

The EU Cybersecurity Act introduces an EU-wide cybersecurity certification framework for ICT products, services and processes. Companies doing business in the EU will benefit from having to certify their ICT products, processes and services only once and see their certificates recognised across the European Union.

More on the certification framework

Latest

PRESS RELEASE |
The European Cybersecurity Competence Centre and Network is now ready to take off

The regulation establishing a new Cybersecurity Competence Centre and a Network of National Coordination Centres has entered into force this week. The Cybersecurity Competence Centre, which will be located in Bucharest, will contribute to strengthening European cybersecurity capacities and to boosting research excellence and the competitiveness of the Union's industry in the cybersecurity field.

PRESS RELEASE |
EU Cybersecurity: Commission proposes a Joint Cyber Unit to step up response to large-scale security incidents

The Commission has laid out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services, as well as the life of businesses and citizens across the European Union. Advanced and coordinated responses in the field of cybersecurity have become increasingly necessary, as cyberattacks grow in number, scale and consequences, impacting heavily our security. All relevant actors in the EU need to be prepared to respond collectively and exchange relevant information on a ‘need to share', rather than only ‘need to know', basis.

PRESS RELEASE |
Commission to invest €14.7 billion from Horizon Europe for a healthier, greener and more digital Europe

The Commission has adopted the main work programme of Horizon Europe for the period 2021-2022, which outlines the objectives and specific topic areas that will receive a total of €14.7 billion in funding. These investments will help accelerate the green and digital transitions and will contribute to sustainable recovery from the coronavirus pandemic and to EU resilience against future crises. They will support European researchers through fellowships, training and exchanges, build more connected and efficient European innovation ecosystems and create world-class research infrastructures

PRESS RELEASE |
Security Union: EU rules on removing terrorist content online enter into force

Landmark EU rules on addressing the dissemination of terrorist content online entered into force this week. Platforms will have to remove terrorist content referred by Member States' authorities within 1 hour. The rules will also help to counter the spread of extremist ideologies online - a vital part of preventing attacks and addressing radicalisation.

Related Content

Big Picture

Cybersecurity Policies

The European Union works on various fronts to promote cyber resilience, safeguarding our communication and data and keeping online society and economy secure.

See Also

European Cybersecurity Competence Centre and Network

The European Cybersecurity Competence Centre (ECCC) aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres (NCCs) to build a strong cybersecurity Community.

NIS Directive

The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.