The purpose of European cybersecurity certification
Increased digitization and connectivity increase cybersecurity risks, thus making society as a whole more vulnerable to cyber threats. To mitigate these risks, all necessary actions must be taken to improve cybersecurity at European Union level.
Currently, the cybersecurity certification of ICT products, ICT services and ICT processes is used only to a limited extent. It mostly occurs at Member State level; however, a certificate issued by a national cybersecurity certification is not in principle recognized in other Member States. Companies thus may have to certify their ICT products, ICT services and ICT processes in several Member States where they operate, with a significant increase of their costs.