Here are the most important changes of Q1 2024 in cybersecurity. Read our newsletter and find out more about the most important changes of 2024 including the upcoming EUCC and UK PSTI Act.
- we report on the EUCC,
a Common Criteria-based certification scheme that uses the internationally acclaimed, proven methods used in Common Criteria, scheduled to begin implementation on February 27, 2025
- we help you understand the UK PSTI Act,
which will soon come into force in the United Kingdom, what it means for manufacturers, and how CCLab can help you comply with the requirements
- we present our joint webinar with QIMA on UK PSTI,
which is available for FREE on our website on-demand
- we introduce our latest training material, the ETSI Guide Course, which helps IoT device manufacturers meet the requirements of the ETSI EN 303 645 standard.
EUCC, the European Union Cybersecurity Certification Scheme aims to establish a unified framework for certifying the cybersecurity of products, processes, and services within the European Union. It provides a common set of standards and criteria for evaluating the security of digital products and services, thereby enhancing trust and confidence among consumers, businesses, and regulators.
The enforcement of the EUCC regulation is scheduled to commence on February 27th, 2025. Following this, existing national cybersecurity certification schemes will cease operations within 12 months. Vendors must understand that any certification processes initiated within the subsequent year of the regulation's enactment must be finalized by February 2027. New Common Criteria evaluation projects can be initiated utilizing the prevailing, well-established procedures under the existing national schemes before the aforementioned deadline.
EUCC, the European Union Cybersecurity Certification Scheme, marks a pivotal step forward in ensuring the security of products circulating within the European market. This innovative scheme aims to streamline the evaluation and certification process for cybersecurity products, offering manufacturers and consumers alike a standardized framework for assessing security measures.
With EUCC, manufacturers can navigate the complexities of cybersecurity compliance more efficiently, reducing time-to-market for their products while bolstering consumer trust.
Consumers, on the other hand, can make more informed purchasing decisions, confident in the knowledge that EUCC-certified products meet rigorous cybersecurity standards. This increased transparency and accountability foster a safer digital ecosystem for all stakeholders involved.
As Europe prioritizes cybersecurity in an increasingly interconnected world, EUCC emerges as a beacon of progress and collaboration. Stay tuned as CCLab explores the implications of EUCC and provides valuable insights into navigating this evolving cybersecurity landscape. Read our comprehensive blog post on EUCC.
6
min reading time
In today's interconnected world, the Internet of Things (IoT) has become an integral part of our daily lives, from smart homes to industrial automation. However, with the proliferation of IoT devices, security concerns have emerged as a significant challenge. In response to these challenges, the European Telecommunications Standards Institute (ETSI) developed the ETSI EN 303 645 standard, reshaping the landscape of consumer IoT cybersecurity.
5
min reading time
In the cybersecurity landscape, the Common Criteria Evaluation Assurance Level (EAL) is a critical factor in determining the security posture of a product. The EAL chosen for a product can significantly impact its security measures, evaluation processes, and user trust. This article delves into the importance of selecting the right EAL and the consequences of misjudgment and provides a step-by-step guide to aid in this crucial decision-making process.
6
min reading time
In today's interconnected world, the Internet of Things (IoT) has become an integral part of our daily lives, from smart homes to industrial automation. However, with the proliferation of IoT devices, security concerns have emerged as a significant challenge. In response to these challenges, the European Telecommunications Standards Institute (ETSI) developed the ETSI EN 303 645 standard, reshaping the landscape of consumer IoT cybersecurity.
5
min reading time
In the cybersecurity landscape, the Common Criteria Evaluation Assurance Level (EAL) is a critical factor in determining the security posture of a product. The EAL chosen for a product can significantly impact its security measures, evaluation processes, and user trust. This article delves into the importance of selecting the right EAL and the consequences of misjudgment and provides a step-by-step guide to aid in this crucial decision-making process.
Upon its departure from the European Union, the United Kingdom (UK) has assumed full autonomy in determining its cybersecurity regulations, thereby exiting the EU's cybersecurity framework. With its own set of national laws and standards, the UK is no longer bound to adopt EU regulations or directives in this domain automatically. Instead, it has established the Product Security and Telecommunications Infrastructure (PSTI) as its regulatory system.
The primary objective of the UK PSTI is to bolster the security of connectable products and mitigate associated cybersecurity risks within the UK. Under this regulation, manufacturers of connected devices, whether wired or wireless, are mandated to adhere to these requirements and undergo compliance assessments.
At CCLab, we understand the importance of ensuring compliance with this legislation to safeguard your products and maintain UK market access. Our comprehensive service to UK PSTI compliance offers invaluable insights and practical strategies to help you navigate the complexities of this regulatory framework. From understanding the key provisions of the PSTI Act to implementing effective security measures, CCLab helps to cover all aspects of compliance to ensure your products meet the stringent requirements set forth by UK regulators.
Whether you're a seasoned industry professional or new to cybersecurity regulations, we offer essential resources and expert guidance to support your journey toward PSTI compliance.
Recently, CCLab partnered with QIMA to host an insightful webinar on the UK PSTI Act to demystify compliance with the UK Product Security and Telecommunications Infrastructure (PSTI) regulations.
During the webinar, industry experts delved into the nuances of the UK PSTI framework, shedding light on its implications for manufacturers of connectable products. Participants gained valuable insights into the key provisions of the regulation, compliance requirements, and best practices for ensuring adherence to the UK PSTI standards.
For those who missed the live webinar, do not worry! The recording is now available on-demand, free of charge, on the CCLab website. To access the on-demand webinar recording, please visit the following page:
CCLab created the ETSI Guide Course, an educational material package for Software Developers to maximize the efficiency of the preparation of their consumer IoT device’s ETSI 303 645 certification. The training package includes tutorial videos and presentations for each provisioning group.
Check out the course page for detailed information about:
Watch the short video about the ETSI Guide course to see why subscribing is a good decision: