Skip to main content
Shaping Europe’s digital future logo
Shaping Europe’s digital future

The EU Cybersecurity Act

The Cybersecurity Act strengthens the EU Agency for cybersecurity (ENISA) and establishes a cybersecurity certification framework for products and services.

© iStock by Getty Images -1037348986 Urupong

A new mandate for ENISA

ENISA, the EU Agency for cybersecurity, is now stronger. The EU Cybersecurity Act grants a permanent mandate to the agency, and gives it more resources and new tasks.

ENISA will have a key role in setting up and maintaining the European cybersecurity certification framework by preparing the technical ground for specific certification schemes. It will be in charge of informing the public on the certification schemes and the issued certificates through a dedicated website. 

ENISA is mandated to increase operational cooperation at EU level, helping EU Member States who wish to request it to handle their cybersecurity incidents, and supporting the coordination of the EU in case of large-scale cross-border cyberattacks and crises.

This task builds on ENISA’s role as secretariat of the national Computer Security Incidents Response Teams (CSIRTs) Network, established by the Directive on security of network and information systems (NIS Directive).

A European cybersecurity certification framework

The EU Cybersecurity Act introduces an EU-wide cybersecurity certification framework for ICT products, services and processes. Companies doing business in the EU will benefit from having to certify their ICT products, processes and services only once and see their certificates recognised across the European Union.

More on the certification framework

Latest

PRESS RELEASE |
Eurobarometer: Europeans show support for digital principles

According to a special Eurobarometer survey conducted in September and October 2021, an overwhelming majority of EU citizens think that the Internet and digital tools will play an important role in the future.

PRESS RELEASE |
Commission to invest nearly €2 billion in delivering digital advances to business, citizens, and public administrations

The Commission has adopted three work programmes for the Digital Europe Programme, outlining the objectives and specific topic areas that will receive a total of €1.98 billion in funding. This first set of work programmes includes strategic investments that will be instrumental in realising the Commission's goals in making this Europe's Digital Decade.

Related Content

Big Picture

Cybersecurity Policies

The European Union works on various fronts to promote cyber resilience, safeguarding our communication and data and keeping online society and economy secure.

See Also

NIS Directive

The NIS Directive is the first piece of EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.