The recently agreed Cyber Resilience Act isn’t the only new EU cybersecurity rule set to be published this December: by the end of the year, the European Commission is expected to adopt its draft regulations to establish a European cybersecurity certification scheme (“ECCS”).
Once finalized, the ECCS will be issued under the European Union’s Cybersecurity Act which allows for voluntary accreditation against the ECCS. Although voluntary, the draft standards will also have consequences for European cybersecurity laws more broadly, including: