Fonte: The WSGR Data Advisor
On June 27, 2019, the EU Regulation on Information and Communication Technology (Cybersecurity Act or Act) became effective introducing, for the first time, EU-wide rules for the cybersecurity certification of products and services (Certification). The Certification may create a competitive advantage for companies that sell their products and services in the EU. Further, the Certification may act as a catalyst to the anticipated certifications for GDPR-compliance.
In addition, the Cybersecurity Act provides for a new permanent mandate for the EU Agency for Cybersecurity (ENISA) with new responsibilities.
The EU Cybersecurity Certification Framework
The Cybersecurity Act establishes the EU Cybersecurity Certification Framework, intended to enhance the cybersecurity of online services and consumer devices in the European Union. The Certification allows companies to assess the cybersecurity standards of a specific product or service, and rank them in order of risk severity (basic, substantial, high). Products or services may be required to acquire a different level of Certification depending on their use (e.g., a basic Certification may be sufficient for a smart TV, but insufficient for a medical device).
Clique aqui e leia a matéria completa.