The EU is contemplating the need to widen scope of cybersecurity regulation to impact Big Tech, banks, and airlines as more companies move to the cloud to drive innovation.
In brief:
-The EU Union Agency for Cybersecurity (ENISA), has proposed a new EU certification scheme (EUCS) that highlights the cybersecurity of the cloud and outlines how businesses and governments can choose cloud vendors.
-The proposal requires US tech giants such as Amazon, Alphabet’s Google, and Microsoft to set up ventures with EU-based companies in order to gain a EU cybersecurity label.
-The Computer and Communications Industry Association (CCIA), a tech lobbying group, stated that extending the scope of the scheme will bring in more industries into the EU and bolster growth.
What does this mean?
"Perhaps the most striking part of this new draft is that ENISA now suggests the requirements that discriminate against foreign cloud providers could also be extended to lower levels of assurance," commented Alexandre Roure, CCIA Europe's public policy director. "That would include banks, but also airlines, utility companies, and heavily regulated sectors.”