A high-level delegation from the European Standardization Organizations (ESOs) – CEN, CENELEC and ETSI – met with Neelie Kroes, Vice-President of the European Commission responsible for the Digital Agenda, in Brussels on 2 April.

During this meeting, the representatives from the three ESOs presented their latest proposals regarding how to maximize the positive contribution that standards can make to enhancing internet security and protecting personal data, in order to support the successful implementation of the EU Cybersecurity Strategy.

The meeting with European Commission Vice-President Neelie Kroes was attended by: Friedrich Smaxwil – CEN President; Elena Santiago Cid – Director General of CEN and CENELEC; Dirk Weiler – Chairman of the ETSI General Assembly; Christian Ehler – Member of the European Parliament and Chair of the CEN-CENELEC-ETSI Cybersecurity Coordination Group (CSCG); and Torsten Bahke – Chairman of the Executive Board of DIN (German Institute for Standardization), which is a CEN Member and provides the secretariat of the CSCG.

Also participating in the discussion was Stephan Lechner – Director of the Institute for the Protection and Security of the Citizen (IPSC), which is part of the European Commission’s Joint Research Centre (JRC), as well as senior officials from ENISA - the EU Agency for Network and Information Security, and the European Commission (DG Connect).

The main purpose of the meeting was to discuss how the three ESOs can contribute towards the successful implementation of the EU Cybersecurity Strategy, which was published by the European Commission last year. The ESO representatives presented a series of recommendations prepared by the CEN-CENELEC-ETSI Cybersecurity Coordination Group (CSCG), which was set up by the ESOs to provide advice on strategic matters related to IT security, Network and Information Security (NIS) and cybersecurity.

The CSCG’s recommendations underline the importance of cybersecurity standardization for the protection of personal data and other important information, as well as the benefits of harmonized cybersecurity standards in terms of completing the European Single Market and unlocking business potential. In order to address these objectives, the ESOs are calling for a coherent framework for the governance of cybersecurity standardization, within the context of EU Regulation 1025/2012 on European standardization.

According to the ESOs, there is a need to establish a clear and common understanding of the scope of cybersecurity, and to clarify and define the terminology used to describe various aspects and concepts related to cybersecurity. There is also a need to develop standards that will ensure the protection of personal data and inspire public confidence by creating a trustworthy digital environment for European citizens and consumers.

During their meeting, Vice-President Kroes agreed with the ESO representatives that Europe should continue to play a leading role in the development of standards related to cybersecurity. Vice-President Kroes was supportive of the ESOs’ ongoing efforts to work with the ICT industry and take the interests of citizens and consumers into account. She emphasized the importance of effective coordination among the ESOs, and also with business associations and other actors through the European Multi-Stakeholders Platform on ICT Standardization, which includes representatives of the ESOs alongside other relevant stakeholders.

Following the meeting, Dr Christian Ehler MEP (Chair of the CSCG), stated:

"With these recommendations, the CSCG encourages the European institutions to establish a global lead in cybersecurity standardization. The protection of personal data is one of the core values of the European Union. We urge that the necessary steps be taken to make the European online environment the safest in the world, as demanded by the EU's Cybersecurity Strategy."

Friedrich Smaxwil (CEN President) emphasized the role of the ESOs:

"In CEN and CENELEC we are ready to play our part in supporting the successful implementation of the EU Cybersecurity Strategy. This includes finding out what businesses and consumers need and expect from standards, and reinforcing the links between research and standardization. We will continue to collaborate with the EU institutions, including ENISA and the JRC, as well as with ETSI and the international standardization organizations."

Dirk Weiler (Chairman of the ETSI General Assembly) added:

"ETSI has just launched a Technical Committee for Cybersecurity to support the EU strategy, meet industry needs for more security standardization and address citizens’ privacy concerns. Today most businesses in Europe rely heavily on internet and online communications, whether internally or with their customers, suppliers or partners. Cybersecurity and data protection have become strategic issues for companies with an impact on their competitiveness, performance and reputation. ETSI continues its very successful security standardization work in various Technical Committees, including the Security Algorithms Group of Experts (SAGE) and the 3rd Generation Partnership Project’s security group, as well as cooperation with relevant other standards development organizations like IETF."

Notes

The Cybersecurity Strategy of the European Union 'An Open, Safe and Secure Cyberspace' was published on 7 February 2013 by the European Commission and the EU High Representative for Foreign Affairs and Security Policy.

The European Multi-Stakeholder Platform on ICT Standardization was set up by the European Commission and includes representatives of the ESOs alongside other relevant stakeholders.

The Rolling Plan on ICT Standardization provides a multi-annual overview of the needs for ICT-related standardization activities to be undertaken in support of EU policies.

The CEN-CENELEC-ETSI Cybersecurity Coordination Group (CSCG) was set up in 2011. The CSCG gives advice to the technical boards of CEN, CENELEC and ETSI on strategic matters related to IT security, Network and Information Security (NIS) and cybersecurity. The CSCG works in close cooperation with overseas partners (notably in the USA), with the EU institutions (including ENISA - the European Union Agency for Network and Information Security), and with the international standardization organizations (ISO and IEC).
The CSCG is chaired by Dr Christian Ehler (Member of the European Parliament). The secretariat is provided by DIN (Deutsches Institut für Normung / German Institute for Standardization).

The CEN-CENELEC-ETSI White Paper 'Recommendations for a Strategy on European Cybersecurity Standardization' presents a series of proposals addressed to the European Commission, which were developed by the CSCG.

Read the full press release (pdf version)

Media contact

Ben Carlin
Communication Unit
CEN-CENELEC Management Centre
T: +32 2 550 08 32
Email
Twitter: @CENCLCpress