European certification: 2022 orientations


The « certification week », an ENISA-operated event that gathers european certification specialists to talk about the Cybersecurity Act, has just ended. What will be the orientations for 2022?

Three major steps towards European certification

The adoption procedure for the implementation act of the first EUCC (EU Common Criteria) certification scheme is expected to start in the first half of 2022, while the drafting of the second EUCS scheme – for cloud service providers – is already in the final stages.
The third EU5G scheme has just been launched.

ANSSI, the national cybersecurity certification authority

The Cybersecurity Act, adopted in June 2019, gave each member state two years to designate the national cybersecurity certification authority : ANSSI will be the certification authority for France. As such, the agency will be in charge of the authorization and notification of certification bodies, the control and supervision of the European certification schemes implemented, but also, for each scheme that provides for it, the issuance of certificates for the assurance level high.

To learn more

Do you wish to better understand the Cybersecurity Act?
In the latest NoLimitSecu podcast episode, Franck Sadmi – in charge of « Alternative Security Certifications » at ANSSI – highlights the main objectives of the Cybersecurity Act. To learn more about this topic, ENISA created a video on conformity assessment bodies, one of the cornerstones of the Cybersecurity Act.

Would you like to become part of this ecosystem? Reach out to the certification division: certification-eu [at] ssi.gouv.fr.