Skip to main content
News article3 December 2021European Union Agency for Cybersecurity2 min read

Going full-throttle on Cybersecurity Certification and Market

This week the European Union Agency for Cybersecurity (ENISA), organised its recurrent Cybersecurity Certification Conference, focusing on how certification can impact organisations, the market and standardisation in the EU.

Certification Conference 2021

In order to secure network and information systems protecting businesses and citizens, digital solutions that are up to date are needed. Several cybersecurity solutions are available on the market; but they are not all equally effective.

To tackle this issue, the European Union Agency for Cybersecurity (ENISA) has been mandated as the appropriate organisation that engages with public services, the industry and standardisation bodies, to draw up candidate cybersecurity certification schemes. This way cybersecurity solutions can remain reasonably comparable with each other and the overall level of cybersecurity in Europe can be further raised.

On 2-3 December, the European Union Agency for Cybersecurity (ENISA) delivered its fourth Cybersecurity Certification Conference. This conference attracted over 1800 online registrations and brought on stage Cybersecurity experts, service providers, conformity assessment, supervisory bodies and national authorities together to discuss on market opportunities linked to EU Cybersecurity Certification and on how innovation challenges in new technologies can be tackled.

The conference was opened with introductory remarks by ENISA’s Executive Director Mr. Juhan Lepassar. Keynote speeches were also delivered by the European Commission’s, Deputy Director-General of Communications Networks, Content and Technology (DG Connect), Mr. Thomas Skordas and by Mr. Sandro Amendola, Head of Division for ‘’Standardisation, Certification and Cybersecurity of Telecommunication Networks’’ at the Federal Office for Information Security (BSI) and finally Mr. Sebastian Kunz-Jacques Deputy Director of the Expertise Department of the National Cybersecurity Agency of France (ANSSI), provided for a key-note speech.

  • The main takeaways

The first part of the week was dedicated to Ad-Hoc Working Group (AHWG) plenaries were organised on the side-lines of the conference. These experts’ groups on Common Criteria, Cloud Services, 5G and Cybersecurity Market were organised physically in Athens, with a possibility to attend online.

  • Launch of the Ad-Hoc Working Group (AHWG) on EU 5G

On 29 November 2021, ENISA launched Ad-Hoc Working Group on the EU 5G with a view to prepare a candidate cybersecurity certification scheme for 5G networks. This comes in response to the NIS cooperation group guidance concerning an EU coordinated risk assessment, the 5G threat landscape and the 5G toolbox.

  • Introduction of a new Ad-Hoc Working Group on the Cybersecurity Market

The Ad-Hoc Working Group on the Cybersecurity Market was launched on 17 November 2021 and held its second meeting on the 29 November 2021 focusing on: Cybersecurity market parameters; market trends affecting emerging sectors such as (inter)connected devices, IoT, 5G, market assessment and analysis methods and lastly definition of cybersecurity market segments.

Awareness Campaign on certification dedicated to the Conformity Assessment Bodies (CABs)

On the occasion of the Cybersecurity Certification Conference, the first dedicated campaign on awareness raising on Cybersecurity Certification, was launched. This year’s campaign focused on “The Ones that can certify”, that concerns the Conformity Assessment Bodies (CABs). A dedicated video has been produced (Certification Schemes and CABs - Q&A — ENISA ( providing for insights on what the opportunities for CABs are.

Target audience of the ENISA Cybersecurity Certification Conference

  • Experts from National Authorities responsible for the cybersecurity certification and market
  • European Institutions interested in cybersecurity
  • Conformity Assessment Bodies, cybersecurity evaluators and auditors
  • Business and the industry sector.
  • Researchers and the academic community

Next steps

Publication of the ‘’Cybersecurity Certification Conference’’ recorded panels and debates, is expected in early 2022.

The next ‘’Cybersecurity Certification Conference’’ can be pencilled in your calendars on 2 -3 June 2022.


Publication date
3 December 2021
European Union Agency for Cybersecurity