The Bulgarian Presidency of the Council of the EU has reached a common approach to the Cyber Security Act
By the end of 2017, the EU Council declared its ambition to reach a common approach to the Cyber Security Act by June 2018.
The Bulgarian Presidency of the Council of the European Union 2018 reached a common approach to the proposal for a regulation on cybersecurity and opened the way for a subsequent successful forwarding of the dossier by the Austrian Presidency of the Council of the EU.
Under the leadership of the Deputy Chair of the State Agency for Electronic Governance, Krasimir Simonski, intensive discussions were held and after more than 20 working sessions and eight consecutive compromise proposals, the EU Council of Europe's horizontal working group on cyber issues reached a compromise on the positions and proposals of Member States. This allowed the Telecommunications Council to adopt a common approach to the proposal at its last meeting.
In September 2017, in the context of the Digital Single Market Strategy, the European Commission adopted and submitted to the Council and the European Parliament a proposal for a Regulation on ENISA - the EU Cybersecurity Agency, and repealing Regulation (EU) No 526/2013, as and on Cybercrime Certification of Information and Communication Technologies ("Cyber Security Act"). As part of the so-called "The Cyber Security Package", the proposal aims to ensure a high level of cyber security, cyber resilience and trust in the Union with a view to ensuring the proper functioning of the internal market.
The proposed regulation defines the objectives, tasks and organizational aspects of the EU Cyber Security Agency. A permanent mandate for ENISA for effective support for cyber security efforts as well as a European framework for cyber security certification for ICT products and services and rules for the management of European cyber security certification schemes is envisaged. Certificates issued under these schemes will be valid and recognized in all Member States. This creates the conditions for overcoming the fragmentation of the ICT product and services market in the EU, while ensuring a certain level of synchronization of security standards across Member States.
We recall that at the end of 2017, the EU Council declared its ambition to reach a common approach to the Cyber Security Act by June 2018. The Austrian Presidency of the Council of the EU from July to December 2018 should start negotiations with representatives of the European Parliament and the EC on the proposal for a regulation.