atsec at the EU Cybersecurity Act Conference and Crypto Module Day

atsec recently attended two conferences that focused on cybersecurity certification: the International Conference on the EU Cybersecurity Act and Crypto Module Day Conferences in Brussels, Belgium, from March 28 to March 30, 2023.

Both conferences focused on the upcoming regulations in the EU and discussed cybersecurity certification schemes drafted by ENISA (the European Union Agency for Cybersecurity ) by request of the European Commission as well as the interplay of the Cyber Resilience Act (CRA) with Cybersecurity Certification Requirements in NIS 2, CSA, and other regulations.

Participants discussed the need for and evolution of cryptographic evaluation methods in Europe as well as activities on ISO/IEC 19790, FIPS 140-3 and evaluation methods described in the SOG-IS Harmonized Evaluation Procedures and SOG-IS Agreed Cryptographic Mechanisms.

The conferences provided an excellent platform for experts to share their insights and experiences on how to enhance not only cyber resilience and cybersecurity certification but also to address security requirements across different markets and jurisdictions. The conferences highlighted the importance of harmonized standards and regulations to ensure that global products meet the necessary security requirements.

atsec contributed with two presentations at the International Conference on the EU Cybersecurity Act: “Vulnerability Management—An Important Aspect to Get Right ” presented by Staffan Persson, and “ Better, Faster, Cheaper” presented by Rasma Araby.