Founded in 2013, CCLab Ltd. is an agile cybersecurity laboratory specializing in Common Criteria evaluations and consultations. Our cybersecurity lab has been accredited by OCSI (Certification Body of the Italian Scheme) since 2015 and BSI (Certification Body of the German Scheme) since 2022.
We have successfully executed numerous projects, with the scale and quality of evaluations consistently increasing each year.
In 2023 CClab joined the QIMA group, a global Testing, Inspection, and Certification player, operating in more than 100 countries from 60 offices and labs.
Navigate the complex landscape of cybersecurity certifications
with expert guidance
ISO 15408 Common Criteria Compliance and Certification up to EAL4+ or EAL5.
Professional support to prepare for a successful Common Criteria evaluation saves you cost and effort.
Comply with ETSI EN 303 645 standards, providing guidelines and expertise for the security of consumer Internet of Things (IoT) devices.
Data security solutions for smart metering system components with independent verification by out certified laboratory.
Learn more about the Radio Equipment Directive (RED) specifying cybersecurity requirements for radio equipment sold within the EU.
How to get your connected device compliant with the upcoming cybersecurity regulation in the UK, the Product Security and Telecommunications Infrastructure (PSTI) Act.
Cybersecurity evaluation and certification of industrial automation and control system based on ISA/IEC 62443-4-1 and 62443-4-2 standards.
Get your IoT, IIoT device certified after successful evaluation and testing based on ETSI 3030 645 or IEC 62443-4-1, 62443-4-2.
What does it mean?
8
min reading time
Imagine this: weeks from launching a connected device in Europe, hardware set, software frozen, marketing ready, then a wall. A Notified Body flags missing cybersecurity evidence under the Radio Equipment Directive (RED). The fix? A costly, months-long redesign. This happens more often than teams expect. Last-minute failures on cybersecurity aren’t always due to weak security, but missing evidence or test docs RED demands. And it’s not just Europe, globally, security rules are tightening, and buyers are asking tougher questions before contracts. RED’s Articles 3.3(d), 3.3(e), and 3.3(f) are shaping secure-by-design norms worldwide. Manufacturers treating them as a baseline not only pass audits but gain an edge. Embedding these principles early cuts risk, streamlines compliance, and proves to customers that security isn’t an afterthought. Let’s unpack why.
7
min reading time
As Europe advances its digital transformation agenda, securing its technological infrastructure has become a top priority. At the center of this ambition lies the European cybersecurity certification ecosystem. Most notably, the European Cybersecurity Certification Scheme (EUCC). Designed to harmonize security assurance practices across EU member states, EUCC is the first concrete step under the EU Cybersecurity Act to create a unified framework for certifying ICT products and services. But while EUCC represents a major achievement in digital sovereignty, a crucial question remains: Is it enough? This article explores what the European Cybersecurity Certification does well, where its current limitations lie, and what additional steps are necessary to create a truly resilient cybersecurity landscape across Europe.
9
min reading time
As the Internet of Things (IoT) continues to transform homes, workplaces, and industries, the cybersecurity risks associated with connected devices have grown exponentially. Recognizing this, the European Union has revised the Radio Equipment Directive (RED) to introduce critical cybersecurity provisions. In particular, Articles 3.3(d), (e), and (f) of the RED mandate manufacturers to design radio equipment that protects networks, ensures personal data privacy, and prevents fraud.These updates reflect a broader EU effort to safeguard digital ecosystems and align technological innovation with user trust and security. For manufacturers of wireless and radio-connected devices, understanding and implementing these cybersecurity requirements is no longer optional – it’s a regulatory obligation. For organizations like CCLab, which guide clients through Common Criteria (CC) evaluations and RED compliance, these changes highlight the growing intersection of product security and legal conformity.
Join our captivating cybersecurity events to enhance your knowledge and engage with our team of experts.
Internetkapcsolattal rendelkező rádióberendezésekkel vagy vezeték nélküli IoT eszközökkel dolgozik, és szeretné megtudni, hogyan felelhet meg a RED irányelv és a kiberbiztonsági harmonizált szabványok követelményeinek?
If you missed the live webinar on Evolving Cybersecurity Requirements under the Radio Equipment Directive (RED) on 28 May, you can still access the valuable insights shared. Experts Levente Cseh, Gergely Bakos, and Jonatán Bodo will guide you through compliance strategies, device security enhancements, and how to stay competitive in an increasingly connected market.