BRUSSELS – 5 DECEMBER 2018 – Following yesterday’s EU Telecommunication’s Council discussion on reforming Europe’s cybersecurity rules, BSA | The Software Alliance re-emphasized that an ever-changing cyber threat landscape requires a flexible, clear and diversified set of rules.

Commenting on the draft EU Cybersecurity Act Regulation, which seeks to create a future ICT security certification framework, Thomas Boué, Director General, Policy – EMEA, made the following statement:

“Cyber threats are fast evolving and unpredictable. Oversubscribing to technical requirements, risks making the future legislation obsolete before it is even fully enacted. The software industry calls for a framework that allows manufacturers of low-risk and low-complex products and services to declare conformity through self-assessment"

Regarding the draft EU Cybersecurity Competence Centre Regulation, Boué noted:

“Many questions remain on the future Competence Centre. While BSA supports the objective of making the EU's cyber products and services more competitive , the future framework risks creating significant overlaps with existing EU activities, such as those pursued by ENISA. Creating additional bodies and organisations does not automatically mean more cybersecurity. The EU should enhance existing cyber capabilities and ensure that entities, regardless of their origin, are able to build further Europe’s cyber resilience.”