EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • The "new ENISA": Europe Kicks off!

    The “new ENISA”: Europe Kicks off!

    Written by
    Marc WATIN-AUGOUARD
    Général d’armée (2S)
    07.25.19
    Digital Sovereignty
    04
    MIN
    The “new ENISA”: Europe Kicks off!
    The “new ENISA”: Europe Kicks off!
    The “new ENISA”: Europe Kicks off!
    Image European organizations advocate for sovereign tech—but rarely use it
    Digital Sovereignty
    04.10.25 Digital Sovereignty
    Next article
    European organizations advocate for sovereign tech—but rarely use it
    Read
    01
    MIN
    Image The European Union unveils its cyber funding plan for 2025-2027
    Digital Sovereignty
    04.09.25 Digital Sovereignty
    Next article
    The European Union unveils its cyber funding plan for 2025-2027
    Read
    02
    MIN
    Image 2025, a decisive year for French cybersecurity
    Cybersecurity
    03.14.25 Cybersecurity
    Next article
    2025, a decisive year for French cybersecurity
    Read
    05
    MIN
    Image InCyber Forum - The European Metropolis of Lille : a win win partnership
    Digital Sovereignty
    03.12.25 Digital Sovereignty
    Next article
    InCyber Forum – The European Metropolis of Lille : a win win partnership
    Read
    04
    MIN

    (by Army General (2S) Watin-Augouard, Founder of the FIC)

    Europe kicks off!

    Such was the base line of the FIC 2019. As the European Union has become increasingly interested in the FIC–of which it promoted the creation–the FIC wanted to support its efforts to create a safer European digital space bearing the values that distinguish us and bring us together.

    Despite the difficulties, the digital Europe is waking up. This should be celebrated, since it complements the efforts of the Member States and offers an enabling environment for a shared sovereignty. It produces regulations and guidelines–the best known being the GDPR and the NIS Directive. This directive lays down requirements concerning the national capacities in cybersecurity and introduces the first measures to strengthen vital sectors to enhance strategic and operational cooperation between Member States.

    The Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification was published in the Official Journal of the Union on 7 June. It sustains ENISA, whose mandate was to end in 2020, and creates a three-level European certification.

    The « new ENISA », a Union body with legal personality, is now permanent. Its mandate (Art. 3 of the Regulation) states that it must provide advice regarding cybersecurity and promote operational cooperation both between Member States and between the Member States and Union institutions, bodies, offices and agencies. It also aims at providing skills and acting as a centre of information and knowledge of the Union. It should encourage the exchange of best practices between Member States and the private sector and propose actions to the Commission and the Member States.

    ENISA will need to support the development and enhancement of the national and Union computer security incident response teams (‘CSIRTs’) provided for in Directive (EU) 2016/1148, with a view to achieving a high common level of their maturity in the Union. It should not replace the Member States but should be able to provide support, upon request. ENISA should participate in cooperation actions with OECD, OSCE and NATO, without prejudice to the specific character of the security and defence policy of any Member State.

    The new regulation promotes the use of the European Cybersecurity Certification in order to tackle the fragmentation of the domestic market. It establishes the principle of mutual recognition within the EU of the certificates issued by a Member State. The aim is to build a uniform European cybersecurity certification framework to prevent « certification shopping » based on different levels of stringency in different Member states. This regulation does not leave the past behind as it aims « to make possible a smooth transition from the existing schemes under such systems to schemes under the new European cybersecurity certification framework. » According to the regulation, a « European cybersecurity certificate » is a document issued by a competent body certifying that a given ICT product, ICT service or ICT process has been evaluated with regards to its compliance with the specific security requirements laid down in a European scheme for cybersecurity certification. A Stakeholder Cybersecurity Certification Group is established. Its members are selected by the Commission from among recognised experts representing the relevant stakeholders. This governance of the certification must adopt patterns offering three levels: a « basic » level for non-critical systems (objects for the public), a « substantial » level, and a « high » level for systems presenting the highest risk to cyberattacks.

    It was feared that the « new ENISA » would be a supranational body, while the certification criteria would encourage the « lowest bidder » by choosing the lowest common denominator. The ANSSI (French national cybersecurity agency)–which just celebrated its ten years of existence–could not see its efforts annihilated. It expresses its satisfaction on its website.

    Former Inspector General of French armed forces – National Gendarmerie, General Watin-Augouard is today at the head of the Research Center of the National Gendarmerie Officers’ School (CREOGN). He founded the FIC in 2007.

    Marc WATIN-AUGOUARD
    07.25.19
    Articles by the same author:
    1
    03.01.22 Cyber stability
    To arms, cyber citizens! Form your battalions!
    Read
    04
    MIN
    2
    12.13.21 Digital Sovereignty
    Act No. 2021-1485 to reduce the environmental footprint of the digital sector in France
    Read
    06
    MIN
    3
    12.13.21 Digital Sovereignty
    Budapest Convention A second protocol to fight cybercrime
    Read
    10
    MIN
    4
    11.03.21 Digital Sovereignty
    Alert on the most sensitive ‘STAD’!
    Read
    08
    MIN
    Image European organizations advocate for sovereign tech—but rarely use it
    Digital Sovereignty
    04.10.25 Digital Sovereignty
    Next article
    European organizations advocate for sovereign tech—but rarely use it
    Read
    01
    MIN
    Image The European Union unveils its cyber funding plan for 2025-2027
    Digital Sovereignty
    04.09.25 Digital Sovereignty
    Next article
    The European Union unveils its cyber funding plan for 2025-2027
    Read
    02
    MIN
    Image 2025, a decisive year for French cybersecurity
    Cybersecurity
    03.14.25 Cybersecurity
    Next article
    2025, a decisive year for French cybersecurity
    Read
    05
    MIN
    Image InCyber Forum - The European Metropolis of Lille : a win win partnership
    Digital Sovereignty
    03.12.25 Digital Sovereignty
    Next article
    InCyber Forum – The European Metropolis of Lille : a win win partnership
    Read
    04
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.