Vogon Today

Selected News from the Galaxy

StartMag

What the cyber security agencies of France and Germany will do for a European certification system

What the cyber security agencies of France and Germany will do for a European certification system

The Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) and the Bundesamt für Sicherheit in der Informationstechnik (BSI) have recently informally agreed to build common certification standards. The article by Giuseppe Gagliano

According to information gathered by Intelligence Online , the French and German cybersecurity agencies – the Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) and the Bundesamt für Sicherheit in der Informationstechnik (BSI) – have recently informally agreed to build common certification standards.

This collaboration will be particularly beneficial for certain French industries, Thales and Gatewatcher, which are currently seeing their French market share shrink following the arrival of a third operator, Sesame, a few months ago.

The French and German authorities have already reached an agreement on basic safety certification which led BSI to create a BSZ certificate in 2018. In application in October, it is equivalent to ANSSI's CSPN and will therefore facilitate mutual recognition.

Initially, France and Germany were not in favor of creating a European certification system because ANSSI and BSI feared it could lead to the emergence of a European Union system that applied lower standards than those applicable in individual EU member states. This would have led to a leveling that would benefit non-European suppliers, in particular the United States, China, Israel and Russia.

The two agencies also feared that private certification offices might start to play a major role in the certification process. However, a common position adopted by France and Germany on cybersecurity standards could play a decisive role in the adoption of future EU standards.

The final version of the Cybersecurity Act, adopted by the EU in 2019 , has already demonstrated the power exercised by the two agencies. The act specifically prohibited certification by private companies, as well as "certification shopping", which refers to the practice of some operators to apply for certification in countries with less demanding standards as a means of entering the broader market of 'EU through the back door.

This synergy between France and Germany demonstrates once again the preponderant role of these two nations in the context of the European Union and demonstrates how this can have the possibility of carrying out a common defense and intelligence policy only when there is a real agreement of interest. between these two European powers.


This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/mondo/cosa-faranno-le-agenzie-di-sicurezza-informatica-di-francia-e-germania-per-un-sistema-di-certificazione-europeo/ on Fri, 17 Sep 2021 07:52:50 +0000.