We are most pleased to invite you to participate in an evening of discussion on how cybersecurity certification schemes can enhance Europe’s security and competitiveness with our distinguished speakers:
- Mr Miguel Gonzalez-Sancho, Head of the Cybersecurity Technology and Capacity Building Unit, DG CONNECT, European Commission,
- Ms Sara Bussière, Senior Advisor, Orange,
- Mr Jocelyn Delatre, Policy Officer, Smart Mobility Manager, European Automobile Manufacturers’ Association – ACEA and
- Mr Sylvain Bouyon, Head of Fintech Programme, CEPS.
The event will be moderated by Magnus Franklin, Director, Teneo cabinet DN and former Chief Correspondent at MLex.
This event will be held under the Chatham House Rule.
This event was kindly sponsored by
Within the framework of the
About the debate
The question of cybersecurity has emerged as a vital aspect of EU policy due to the fact that in the past few years digital threats have been evolving fast. According to the European Commission 2017 Cybersecurity Factsheet, ransomware attacks have increased by 300% since 2015, while the economic impact of cybercrime rose fivefold from 2013 to 2017, and could further rise by a factor of four by 2019. Cybersecurity has also been intensively in the spotlight due to a series of large-scale cyber-attacks aimed at Europe last year. In fact, the EU’s digital landscape is witnessing a rapid intensification of cybercrimes such as the theft of commercial trade secrets, business information and personal data, as well as disruption of services and infrastructures. At the same time, the rapid development of the Internet of Things is confirming that billions of devices will be evermore connected, and therefore vulnerable to such attacks, over the next decade, making the “security by design” of such devices a fundamental element. Against this background, private companies, including telecom undertakings, and public bodies have strengthened their tools to anticipate and fight against such attacks. Increasing coordination and overall level of security, as well as enhancing trust and confidence of citizens, will be essential to ensure the security and the competitiveness of the EU.
Within this context, and building on the review of the 2013 EU Cybersecurity Strategy, the European Commission published in September 2017, as part of the Cybersecurity package, a proposal for a Cybersecurity Act, which aims at both revising the mandate of ENISA and creating an EU framework for cybersecurity certification. Indeed, according to the EU Digital Single Market strategy, “specific gaps still exist in the fast-moving domain of technologies and solutions for online network security”, whereas market studies have demonstrated that the internal market is still geographically fragmented as far as cybersecurity products and services are concerned. In addition, when it comes to skills and expertise, a lack of coordination and capacity building has been identified, with many stakeholders along the value chain being left to the side.
The EU draft framework for cybersecurity certification is based on some fundamental principles such as the definitions of assurance levels, the level of involvement of the industry in the definition of such schemes, and the voluntary nature of the EU certification. All those elements will be debated between the co-legislators in the months to come. For instance, while Parliament considers that the certification should become mandatory on some aspects for operators of essential services, the Council rather encourages a voluntary cybersecurity certification framework. It is therefore key to understand how cybersecurity certification schemes can enhance Europe’s security and competitiveness.
The event will commence with a welcome drink at 7h00 pm, followed by a panel debate at 7.30 pm. After the panel debate there will be an opportunity for questions and discussions.