2020 was also an emergency year on the cybersecurity front. For 40% of companies, cyber attacks have increased compared to 2019, thanks to the spread of remote working, the use of personal devices and home networks.
This emergency has been present for several years and there have now been several serious attacks that have occurred and which have resulted in severe inconvenience and losses of substantial sums of money.
For this reason, the European Commission has already drawn up in 2019 the IT Security Act.
What is the Cyber Security Act
The Cybersecurity Act constitutes a fundamental part of the new European strategy for cyber security. This is a Regulation aimed at strengthening cybersecurity in Europe, increasing consumer trust and awareness towards the digital world to create a single and secure market in the field of cyber-security.
Like any Regulation, the Cybersecurity Act also took on immediate validity for all member states.
This regulation focuses on two main topics:
- Redefinition ofENISAEuropean Union Agency for Network and Information Security
- Definition of the European certification framework in the field IT security.
But let’s see them in detail: ENISA was founded in 2004 in order to guarantee the security of IT systems within the European Union. The Cybersecurity Act completely redefines the role of the Agency, giving it a leading role in the technical and operational management of all potential cyber incidents. In fact, if previously it only had a technical assistance role, it will now be responsible for providing support in the operational management of IT incidents. Furthermore, the new regulation considerably strengthens ENISA’s position in the training process for citizens and businesses regarding data security. The Agency becomes a truly independent center with the task of raising awareness and educating Member States in the field of cybersecurity.
The second key point of the Cybersecurity Act concerns the establishment of a European certification framework for the cyber security of digital products and services through which it will be possible to create an internal EU market for secure and certified IT products and services.
What are the consequences of the Cybersecurity Act?
- Data protection for companies and EU citizens: certifying the IT security level of each device at a European level is essential to guarantee consumers confidence and peace of mind.
- Single digital market: establishing a European framework that certifies the level of security of IT products and devices is essential to guarantee suppliers and manufacturers to sell their devices even outside their own country.
- Protection of European IT products: many IT products coming from non-European countries have lower costs. Most consumers prefer to spend less money and use cheaper, but often less secure, devices. This happens because even European products did not have a reference regulation that guaranteed safety. However, safety certification would guarantee European products high quality and an unparalleled level of safety. This guarantee could be essential to encourage the purchase of European products: more expensive, but undoubtedly safer.
latest posts published
Lokky, the Italian data driven insurtech for professionals and SMEs
An ally for cyber security: Load Balancing
Business Trend 2023 for SMEs, professionals and commercial activities
Occupational risks for pastry shops
How to read a pay slip
What are the most common cyber risks and how to protect yourself
Clinical Risk: What it is and What are the consequences
Commercial activities most affected by theft
October is European Cyber Security Month
