What's Happening?
The European Commission has launched a new cybersecurity package, including a proposal to amend the current Cybersecurity Act. The update aims to address issues such as misalignment with stakeholders'
needs, stalled implementation of the European cybersecurity certification framework, and increasing ICT supply chain security risks. Key changes include introducing a trusted ICT supply chain security framework, mandatory derisking of European mobile networks from high-risk suppliers, and enhancing the role of ENISA, the EU's cybersecurity agency. The proposal seeks to better protect critical ICT supply chains and combat cyber-attacks.
Why It's Important?
The proposed update to the Cybersecurity Act reflects the EU's commitment to strengthening its cybersecurity posture amid rising cyber threats. By addressing supply chain security risks and enhancing certification frameworks, the EU aims to protect its critical infrastructure and ensure technological sovereignty. The changes could lead to improved cybersecurity standards across member states, benefiting businesses and consumers. The proposal also highlights the strategic importance of cybersecurity in safeguarding democracy, economy, and way of life in the EU.
