Join Us
Sign up to receive updates about the platform launch and more
You will get:
- Access to the online platform upon launch (Q2 2022)
- Exclusive Demo (Available now)
- Invitation to future webinars and events
- Invitation to our unique Investment Platform (Q1 2022)
By clicking Sign up, you agree to receive communications from redalertlabs.com. You can unsubscribe at any time. For information on how to unsubscribe, as well as our privacy practices, please review our Privacy Policy.
TRUST should be further strengthened by offering information in a transparent manner on the level of security of ICT products, ICT services and ICT processes ...”
“An increase in trust can be facilitated by Union-wide CERTIFICATION providing for common cybersecurity requirements and evaluation criteria across national markets and sectors.”
Cybersecurity Act – Section (7)
The EU cybersecurity certification framework defines a mechanism to establish European cybersecurity certification schemes and to attest that the ICT products, processes and services that have been evaluated in accordance with such schemes comply with specified security requirements. ENISA has a pivotal role in the design of the candidate EU cybersecurity certification schemes. The CSA provides clear guidelines regarding how these schemes should be designed in the articles below:
- Article 51 - Security objectives of European cybersecurity certification schemes
- Article 52 - Assurance levels of European cybersecurity certification schemes
- Article 54 - Elements of European cybersecurity certification schemes
Proposal for REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on ENISA, the "EU Cybersecurity Agency", and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification ("Cybersecurity Act"), ST 15786 2018 INIT.
BASIC
CONSUMER / ENTREPRISE
A European cybersecurity certificate or an EU statement of conformity referring to assurance level ‘basic’ provides assurance that the ITC products, services and processes meet the corresponding security requirements, including security functionalities, and that they have been evaluated at a level intended to minimise the known basic risks of cyberincidents and cyberattacks.
• The evaluation activities should include at least a review of the technical documentation or, failing that, substitute evaluation activities with equivalent effect.sentence or two describing this item.
SUBSTANTIAL
ENREPRISE / INDUSTRIAL
A European cybersecurity certificate referring to assurance level ‘substantial’ provides assurance that the ITC products, services and processes meet the corresponding security requirements, including security functionalities, and that they have been evaluated at a level intended to minimise cybersecurity risks, cyberincidents and cyberattacks carried out by actors with limited skills and resources.
• The evaluation activities should include at least:a review to demonstrate the absence of known vulnerabilities;testing to demonstrate that the products, service or processes correctly implement the security functionalities;failing that, substitute evaluation activities with equivalent effect.
HIGH
INDUSTRIAL / CRITICAL
A European cybersecurity certificate referring to assurance level ‘high’ provides assurance that the ITC products, services and processes meet the corresponding security requirements, including security functionalities, and that they have been evaluated at a level intended to minimise the risk of state-of-the-art cyberattacks carried out by actors with significant skills and resources.
• The evaluation activities should include at least: a review to demonstrate the absence of known vulnerabilities;testing to demonstrate that the products, service or processes correctly implement the security functionalities;an assessment of their resistance to skilled attackers using penetration testing;failing that, substitute activities.
CONNECT WITH US
contact (at) redalertlabs.com
