The Government is requesting submissions from interested parties on its approach to cyber security certification as regulated by the EU Cyber Security Act (CSA) and the intended cooperation with the EU, following the UK’s departure from the EU. 

The CSA came into force on 27th June 2019 and established a framework under which EU-wide cyber security certification schemes will be implemented. It seeks to prevent unnecessary market fragmentation by harmonising certification schemes operating within the EU. The UK was actively involved in the development of the CSA and is committed to ensuring cyber security across Europe.

It is the UK’s understanding that the CSA will allow mutual recognition of cyber security certification schemes operating in the UK and the EU. This means that certificates issued in the UK will be treated in EU markets in the same way as EU-issued certificates, and vice versa.

The Government is seeking feedback on its proposed approach. To read more about the CSA, or to submit a response, click here