Informative Seminar - 17/03/2023

«Standards supporting conformity assessment in Cyber security and Data protection»

Dear Director General of CYS

Dear Chairperson of CEN/CENELEC JTC13

Distinguished speakers

Esteemed guests,

It is a great pleasure to welcome all the participants in this “Standards Supporting Conformity Assessment in Cyber Security and Data Protection” event.

We are thrilled to be here today to engage in this important discussion on the latest standards supporting conformity assessment in the realm of cyber security and data protection.

The rapid development of digital technologies has brought about numerous benefits to our daily lives. It has also brought about significant challenges, such as the need to ensure the security and protection of our personal data. That is why the issue of cyber security and data protection is becoming more critical than ever. With the increasing number of cyber threats and data breaches, it is essential to establish standards and conformity assessments that can help organizations better protect themselves and their customers.

The Digital Security Authority (DSA) aims to improve the security landscape at the national level and to align the Cyprus Security Strategy with the NIS2 Directive, as well as with the Cybersecurity Act and the Cyber Resilience Act.  The DSA is an independent State agency established in April 2018, under the Commissioner of Communications to conform to the NIS directive. The DSA is responsible for the implementation of the European NIS (Network and Information Security) Directive, with a strong focus on upgrading and maintaining high levels of cybersecurity for all operators of essential services and critical information infrastructures in our country, including operators in the energy, water, transport, health, banking, financial markets infrastructure, and digital infrastructure sectors.

The Digital Security Authority also includes the National CSIRT, offering proactive services, in the form of alerts and warnings to the local and international community, as well as reactive services, such as incident management in cases of cyber-incidents, to a range of constituents in Cyprus.

Furthermore, the DSA has established the National Cyber Security Certification Authority (NCCA) under the Cybersecurity Act. The creation of the NCCA is based on a recently established framework of collaboration among a number of entities, including Conformity Assessment Bodies, Laboratories and the National Accreditation body. The Cybersecurity Act aims to establish new cybersecurity certification schemes for products and services, as well as for Cloud Services and 5G technologies. The certification obtained in one European Union country by entities operating in the EU for their digital products, services and processes, will be recognized throughout the European Union.

Entities conforming to these standards and certifications, can demonstrate to customers, partners and regulators that their products or services have been attested to fulfil specific security requirements and concurrently provide evidence to regulators and the market that they are committed to following good security practices. This Certification captures the security requirements of broad communities and establishes among customers a confidence level that security requirements are being met.

Overall, we strive to ensure that data, systems and networks are protected with the ultimate goal of strengthening the national cybersecurity posture and maintaining a high level of cyber resilience.

Today’s event aims to provide a platform for experts, practitioners and stakeholders to exchange ideas, experiences and best practices. Such initiatives bring together experts in the field and promote the spirit of collaboration. We hope that this event will enable us all to deepen our understanding of the latest standards supporting conformity assessment in cyber security and help us identify the gaps and challenges that need to be addressed.

Once again, a warm welcome to all. We hope you have a productive and engaging day.