The European Union Cybersecurity Act creates a European-wide certification scheme for ICT products, services and processes. This will improve IoT security, as customers can have better visibility on the security of IoT solutions.

The EU Cybersecurity Act proposes three levels of security assurance:

  • Basic, which requires a conformity self-assessment;
  • Substantial, which requires a technical review against the security requirements;
  • High, which requires an efficient third-party testing of the security functionalities.

The EU Cybersecurity Act makes security a business enabler: it is anticipated that customers will require IoT products to be certified. For example, operators of essential services will require certified IoT devices to comply with their NIS Directive requirements.

Cetome supports IoT manufacturers to enhance the security of their products, services and processes. We assess your existing security and support your compliance to ensure you can be secure and stay secure in line with the requirements of the EU Cybersecurity Act.

Our EU Cybersecurity Act Offering

Cetome helps you prepare to the EU Cybersecurity Act. We adapt our solutions to secure Consumer and Industrial IoT.

Readiness Assessment and Preparedness

Cetome can assess your current readiness against the requirements of the EU Cybersecurity Act. Depending your current security posture, we will advise you on how to better prepare for certification.

Security Measures for EU Cybersecurity Act

The EU Cybersecurity Act requires several security measures, including Security by Design and by Default. Cetome will help you understand and implement these security measures at every stage of your solution's lifecycle to reach the requirements of the EU Cybersecurity Act for your products, services or processes.

Certification support

Cetome will review your security implementation and support your efforts to reach a certification-level. We can help you claim "basic" and "substantial" security levels, as well as prepare you for accreditation to a "high" security level by a recognised certification body.

Awareness and Training

We raise awareness on the EU Cybersecurity Act, its requirements, challenges, and implementation so that it can benefit the business by making security more visible.