Third Country Perspective to the EU CSA—What Will Be the Next Step? Confusion or Order? (C30a)
The EU has established a new Cyber Security Law. The objectives are to standardize and protect the market, eliminating the duplicate efforts and different policies among members. Although the law seems to provide good solutions to such issues, there are some risks and drawbacks that needed to be handled. For example, there are a number of frameworks to be affected; SOGIS, CCRA, ETSI, CEN. New certification programs, mutual-benefit communities, brand new definitions and processes are on the way. All these create a mess and race among sub-groups. Another big question mark is for third countries which are still parties of some systems like CCRA.
In this session, the presenter will focus on the EU Cyber Security Act’s possible affects on third countries. What does it mean for them, what a vendor/lab/certification authority has to do to integrate or benefit from the law?