The 2022 International Conference on the EU Cybersecurity Act has been developed to help standards community prepare for the evolution of risk-based frameworks meant to address market fragmentation in the EU. The EU Cybersecurity Act, now in the early stages of development, will eventually create a wide-ranging, independent European body of cybersecurity regulation as part of the “single digital market” goal. This landmark regulatory mandate will have a wide-ranging effect on the international standards community—now is the time to begin planning for and participating in ongoing changes.
The Cybersecurity Act will establish a European cybersecurity certification framework for ICT products, services and processes. Current schemes may be incorporated into this new framework, or may need to evolve to the fit the regulatory changes. The conference will cover the potential effects on current schemes and regulatory mandates, as well as new potential candidate schemes for key industry verticals such as IoT, cloud, communications, payments, automotive, and more. Topics include 5G Standards, IoT Schemes, Artificial Intelligence, Industrial Automation Control Systems (IACS), ETSI EN 303645, CEN/CENELEC JTC13 WG3, EUCC, Union Rolling Work Programme (URWP), NIS Directive, Cloud Standards, Lightweight Standards, IACS, SESIP, Secure Development Lifecycle (SDL), and Global Platform.
Industry Alignment: Efforts by the international technical community to align frameworks with government standards while responding to the needs of the market.
Industrial Strategies: An analysis of current voluntary certification standards for industrial automation and energy, and potential transitions to mandatory international certification.
IoT Challenges: A survey of the large, fast-growing certification landscape for connected devices and the cost, performance, and power constraints that necessitate security compromises.
Public Policy: Updates from public schemes and associations on the development of standards in response to evolving security risks across multiple sectors.
Cloud and GDPR Frameworks: A look at cloud scheme initiatives and efforts to leverage existing certifications in the transition to frameworks that align with international regulations such as GDPR.
Outlook/Opportunities: Updates on leading government initiatives for global certification and perspectives on the business benefits of security evaluations.
Standards for Success: Review of standardization efforts under various national frameworks (a key factor for CSA success) and the limitations of standards in a real-world environment.
Innovations in Assurance: Best practices for maintaining certification in the face of new cybersecurity regulations, expanding product lines, and frequent product updates.
[rotatingtweets screen_name=’eucyberact’ include_rts=’3′ tweet_count=’7′ timeout=’3000′]