ECSO position paper on the EU Cybersecurity Package

October 2017, Brussels
The position paper presents the initial ECSO position on the issues covered by the EU Cybersecurity Package published on 13 September 2017 by the European Commission.

Since the publication of the package, we have gathered comments both from the ECSO Board and from many ECSO members to provide the Horizontal Working Party of the Council, Member States and the Commission with comments from ECSO on the proposed Joint Communication.

Due to the very wide spectrum of cybersecurity and the different interests of ECSO members it would be difficult to report all the suggestions made. For this reason, we have advised our members to report their specific comments to the European Commission through the currently running public consultation on the cybersecurity package.

Also, while there was a general consensus on the majority of topics in the Joint Communication, we must recognise that there are important differences on the issue of certification. More time is needed to reach consensus on the details. For this reason, we have opted to give general considerations in the main text and give a general understanding of the various positions / suggestions in a companion paper. Yet, we expect that the ECSO working group dedicated to this topic will soon issue suggestions for a meta-scheme that could be used in the new EU certification framework in a few weeks.

This paper presents the positions and suggestions from ECSO on the package. The structure of this position follows the structure of the proposed EU Joint Communication and its content is more of political nature than technical. A final section on “other issues” has been appended with suggestions received from ECSO members on topics that are not mentioned or not enough detailed in the Joint Communication. 

Download the position paper