Jusletter IT

EU – US comparison of approaches to cybersecurity certification and standardization

  • Autoren/Autorinnen: Václav Stupka / Jakub Vostoupal / Pavel Loutocký
  • Beitragsart: Sicherheit und Recht
  • Region: EU, USA
  • Rechtsgebiete: Sicherheit und Recht
  • Sammlung: Tagungsband IRIS 2023
  • DOI: 10.38023/f6181a06-5514-4cfb-927a-b695b6ee4dfa
  • Zitiervorschlag: Václav Stupka / Jakub Vostoupal / Pavel Loutocký, EU – US comparison of approaches to cybersecurity certification and standardization, in: Jusletter IT 27. April 2023
The increasing dependence of the information society on the confidentiality, availability and integrity of information and communication systems is forcing countries to introduce regulations to protect key infrastructures and systems. One of the tools of this regulation is the standardization and certification of ICT products and services. This area has undergone dynamic development in recent years, both in terms of the method of regulation and the approach to defining security requirements. This paper compares approaches to cybersecurity standardization and certification in the US and the EU, particularly in the context of new and pending legislation in the EU in the form of the Cybersecurity Act and the forthcoming Cyber Resilience Act. The paper aims to identify the differences between these regimes and their compatibility from the perspectives of certification providers, vendors and users.

Table of contents

  • 1. Introduction
  • 2. Frameworks, standards and certification in cybersecurity
  • 3. The US approach to cybersecurity regulation
  • 4. The EU approach to cybersecurity regulation
  • 5. The Cybersecurity Act
  • 6. The Winds of Change
  • 7. Fundamental differences
  • 8. Conclusions

0 Kommentare

Es gibt noch keine Kommentare

Ihr Kommentar zu diesem Beitrag

AbonnentInnen dieser Zeitschrift können sich an der Diskussion beteiligen. Bitte loggen Sie sich ein, um Kommentare verfassen zu können.