The EU Cyber Acts conference brought together key stakeholders from across Europe’s cybersecurity certification landscape, with a strong focus on the practical implementation of emerging regulatory frameworks. Among the contributors was Rasma Araby, Managing Director at atsec information security, who represented atsec in the panel discussion titled “EUCC Scheme—First Experience in Setting Up the Necessary Ecosystem (S20b)”.
The session, led by Ferenc Molnár, featured a panel of experienced experts including Sebastian Fritsch, Richard Skalt, and Graham Wallace. Together, they shared early insights into the rollout of the EUCC scheme and discussed what it takes to establish the supporting ecosystem in practice.
During the discussion, Rasma highlighted the challenges of translating a structured certification framework into operational reality. Key topics included the readiness of accredited facilities, coordination between stakeholders across different countries and regions, and the importance of consistently interpreting requirements. The panel emphasized that, while the EUCC framework provides a solid foundation, its success depends on strong collaboration and ongoing dialogue among all involved parties. The panel also discussed EUCC interplay with other cybersecurity certification requirements in other regulations, e.g. certification schemes for critical components in public telecommunication networks in Germany.
Beyond the panel session, a major theme throughout the conference was the Cyber Resilience Act (CRA). Discussions made it clear that preparation efforts must extend beyond manufacturers—who are already in various stages of readiness—to also include Notifying Bodies. Ensuring that these organizations are adequately prepared will be critical for supporting future conformity assessments and certification activities under the CRA.
Overall, the event underscored a shared commitment among participants to advance cybersecurity certification in Europe. atsec is committed to take an active role in shaping and supporting the evolving EU cybersecurity framework.
