European Commission proposes more powers for EU’s infosec agency


The European Commission has proposed an expansion in the role of ENISA, the EU’s cybersecurity agency.

During his State of the Union speech on Wednesday, Jean-Claude Juncker outlined plans to widen ENISA’s remit through a Cybersecurity Act. Under a revised mandate, ENISA would be tasked with introducing an EU-wide cybersecurity certification scheme. The thinking is that the agency would be able to counter threats more actively by becoming a centre of expertise for cybersecurity certification and standardisation of ICT products and services.

The agency would also support member states in implementing the Network and Information Security (NIS) Directive and be take a role in reviewing the EU Cybersecurity Strategy, an upcoming blueprint for cyber-crisis cooperation.

Dr Udo Helmbrecht, executive director of ENISA, said in a canned statement: “I welcome the proposal from the Commission to strengthen and expand ENISA’s mandate by addressing certification and standardisation of ICT products and better cooperation in relating to preparing and addressing cross-border cybersecurity challenges in Europe. I believe that these initiatives will improve the Digital Single Market and strengthen the ICT industry in Europe.”

Senior eurocrats said the revised mandate would include the development of new cybersecurity tools, but details remain unclear. ENISA’s press representatives are yet to respond to El Reg’s questions on this and several other points, such as whether it will be taking on more staff and what its budget will be. We’ll update this story as and when more information comes to hand.

Read more…

Source: The Register