Theme: Preparing for product certification
The European Commission is pushing hard to make cybersecurity certification mandatory for products. They are developing several different regulations for this purpose: the Cybersecurity Act, the NIS 2 directive, a delegated act to the Radio Equipment Directive, and the Cyber Resilience Act. It is not clear how these regulations will work together. But we expect that there will be mandatory certification for smart meters from 2024, and for industrial equipment (RTUs, SCADA systems) one or two years later. If not implemented well, the certification will increase costs and reduce available products, without really raising security.
So, it is important that we prepare good requirements against which can be certified. ENCS has been working on preparing the existing requirements sets. In the meeting, we would like to present the current versions of the distribution automation and SCADA requirements.
Target audience: security specialists working on designing secure systems, such as security architects or security officers setting technical requirements or working on procurement projects.
ENCS Members can download the slides for the presentations given during the roundtable in the link below: