20 Jan 2022

Cybersecurity Requirements for ICT Products

Lorenzo Pupillo / Carolina Polito

0
Download Publication

2742 Downloads

In recent years, the EU has undertaken several initiatives with the aim of improving the legislation around product cybersecurity. Nevertheless, the current EU legislative framework seems still to be incomplete in respect to ICT products cybersecurity. Furthermore, evidences suggest that the heterogeneity of ICT products does not allow to aggregate risk profiles per ICT product category and/or sector. Hence, it follows the need to define a set of essential cybersecurity requirements for all ICT products, applicable during the entire lifecycle.

Against this background, the study concludes that the horizontal legislation would represent the most cost-effective policy option, creating greater security in the Single Market while enhancing the business competitiveness, with both the sector specific and mixed approach being the second best. However, a more comprehensive and quantitative assessment of these policy options should be performed in a follow up study.

Related Publications

Browse through the list of related publications.

The EU Data Act

Towards a new European data revolution?

Future-proofing pandemics

Analysing the EU’s proposal to clarify and simplify the compulsory licensing procedure

Competition Policy and State Aid: Defining a sustainable path for Europe’s recovery

Towards a Resilient and Sustainable Post-Pandemic Recovery Working Group Report of the New Industrial Strategy for Europe Task Force

Healthcare and Pharmaceuticals

Towards a Resilient and Sustainable Post-Pandemic Recovery Working Group Report of the New Industrial Strategy for Europe Task Force

The Digital Transition

Towards a Resilient and Sustainable Post-Pandemic Recovery Working Group Report of the New Industrial Strategy for Europe Task Force

Strategic Value Chains

Towards a Resilient and Sustainable Post-Pandemic Recovery Working Group Report of the New Industrial Strategy for Europe Task Force

Artificial Intelligence and Cybersecurity

Technology, Governance and Policy Challenges Report of a CEPS Task Force