b2b-daily
Search
Close this search box.
Search
Close this search box.
Home | IT | Cyber Security

EU Considers Expanding Cybersecurity Regulation to Impact Big Tech, Banks, and Airlines

Avatar photo
by Bairon McAdams
November 27, 2023
Image Credit: Other
EU Considers Expanding Cybersecurity Regulation to Impact Big Tech, Banks, and Airlines
Table of Contents
  1. Overview of the EU Certification Scheme
  2. US tech giants and EU partnerships
  3. Obligations and Security Levels
  4. Supportive perspective of the CCIA
  5. Concerns raised by the CCIA
  6. Cloud adoption and the need for expanded regulation
  7. Objective of the EU Certification Scheme
  8. US tech giants and partnership requirements
  9. Review and adoption process

As technology continues to advance, the European Union (EU) is grappling with the need to widen the scope of cybersecurity regulation. With more companies transitioning to cloud-based solutions to drive innovation, there is a growing concern regarding the security of big tech firms, banks, and airlines. In response, the EU Union Agency for Cybersecurity (ENISA) has proposed a new EU certification scheme (EUCS) that focuses on cloud cybersecurity. This article delves into the details of the proposed scheme and its potential impact on various industries.

Overview of the EU Certification Scheme

The EU certification scheme (EUCS) proposed by ENISA aims to provide businesses and governments with guidelines when choosing cloud vendors. It emphasizes the importance of cloud cybersecurity and lays down obligations for cloud operations at different security levels. These obligations include strict requirements for data storage and processing in the EU and adherence to EU regulations. By implementing this scheme, the EU intends to enhance cybersecurity measures and mitigate the risks associated with cloud adoption.

US tech giants and EU partnerships

One notable requirement of the proposed EU certification scheme is that US tech giants like Amazon, Google, and Microsoft will need to partner with EU-based companies in order to obtain an EU cybersecurity label. This collaboration is necessary to ensure compliance with the stricter cybersecurity requirements set forth by the EU. The objective behind such a requirement is to promote a more localized and regulated approach to cloud services, while fostering European partnerships and strengthening the EU’s cybersecurity strategy.

Obligations and Security Levels

The draft proposal of the EU certification scheme has outlined obligations for cloud operations at four security levels. Each level has specific requirements and controls concerning data storage and processing. These obligations prioritize the secure handling of data and aim to prevent any potential breaches or unauthorized access. By implementing this tiered approach, the scheme seeks to provide a comprehensive framework that addresses the varying security needs of different industries.

Supportive perspective of the CCIA

The Computer and Communications Industry Association (CCIA) has expressed support for the expansion of the EU certification scheme. They believe that widening the scheme’s scope would bring more industries into the EU and foster growth. The CCIA recognizes the importance of cybersecurity, especially in an increasingly interconnected world, and believes that this scheme will not only enhance the security of cloud services but also encourage innovation.

Concerns raised by the CCIA

While the CCIA acknowledges the potential benefits of the EU certification scheme, they have also raised concerns about its impact on foreign cloud providers. They fear that the requirements could potentially discriminate against these providers, extending to lower levels of assurance. Sectors such as banks, airlines, utility companies, and heavily regulated industries, which heavily rely on cloud services, could face difficulties in complying with the stricter cybersecurity regulations. The CCIA urges the EU to consider the potential negative consequences and ensure a fair and inclusive approach.

Cloud adoption and the need for expanded regulation

The increasing adoption of cloud services by companies across various industries has created a pressing need for expanded cybersecurity regulation. As organizations become more reliant on cloud-based solutions, the potential risks associated with data breaches and cyber threats also increase. Recognizing this, the EU is seeking to address these concerns through the proposed certification scheme. By providing clear guidelines and obligations, the EU aims to establish a robust cybersecurity framework that protects the interests and data of businesses and consumers.

Objective of the EU Certification Scheme

The primary objective of the EU certification scheme is to ensure the cybersecurity of cloud services. It aims to establish a set of standards and requirements that cloud vendors must meet in order to offer their services in the EU market. By obtaining an EU cybersecurity label, companies can demonstrate their commitment to rigorous cybersecurity measures and compliance with EU regulations. This will help businesses and governments in choosing cloud vendors that prioritize security and adhere to the EU’s cybersecurity guidelines.

US tech giants and partnership requirements

The proposed EU certification scheme presents a challenge for US tech giants, as they may need to establish partnerships with EU-based companies to meet the stricter cybersecurity requirements. This requirement emphasizes the importance of local collaborations, providing an opportunity for European companies to play a significant role in the cloud services market. By partnering with EU-based firms, US tech giants can ensure compliance, benefit from local expertise, and build stronger relationships with European stakeholders.

Review and adoption process

The draft proposal of the EU certification scheme is currently under review by the European Commission. The Commission will carefully consider the potential impact, taking into account the perspectives of various stakeholders in the process. After thorough evaluation and consultation, the European Commission will make a final decision on the adoption of the EU certification scheme. This decision will shape the future of cloud cybersecurity in the EU and have far-reaching implications for businesses, consumers, and the overall digital landscape.

As technology evolves, so do the risks and challenges associated with cybersecurity. In response to the increasing reliance on cloud services, the EU is contemplating the expansion of cybersecurity regulation to impact big tech, banks, and airlines. The proposed EU certification scheme seeks to address these concerns by establishing cybersecurity standards and requirements for cloud vendors. The involvement of US tech giants and the necessity of EU partnerships create opportunities for collaboration and localized security solutions. However, the scheme’s potential discrimination against foreign cloud providers raises concerns. The European Commission’s final decision on the adoption of the EU certification scheme will determine the future direction of cybersecurity regulation in the EU and shape the landscape for businesses operating in the cloud.

Blockchain TechnologyInformation Security

Explore more

Is Fashion Tech the Future of Sustainable Style?
May 23, 2025

The fashion industry is witnessing an unprecedented transformation, marked by the fusion of cutting-edge technology with traditional design processes. This intersection, often termed “fashion tech,” is reshaping the creative landscape of fashion, altering the way clothing is designed, produced, and consumed. As new technologies like artificial intelligence, augmented reality, and blockchain become integral to the fashion ecosystem, the industry is

Can Ghana Gain Control Over Its Digital Payment Systems?
May 23, 2025

Ghana’s digital payment systems have undergone a remarkable evolution over recent years. Despite this dynamic progress, the country stands at a crossroads, faced with profound challenges and opportunities to enhance control over these systems. Mobile Money, a dominant aspect of the financial landscape, has achieved widespread adoption, especially among those who previously lacked access to traditional banking infrastructure. With over

Can AI Data Storage Balance Growth and Sustainability?
May 23, 2025

The exponential growth of artificial intelligence has ushered in a new era of data dynamics, where the demand for data storage has reached unprecedented heights, posing significant challenges for the tech industry. Seagate Technology Holdings Plc, a prominent player in data storage solutions, has sounded an alarm about the looming data center carbon crisis driven by AI’s insatiable appetite for

Revolutionizing Data Centers: The Rise of Liquid Cooling
May 23, 2025

The substantial shift in how data centers approach cooling has become increasingly apparent as the demand for advanced technologies, such as artificial intelligence and high-performance computing, continues to escalate. Data centers are the backbone of modern digital infrastructure, yet their capacity to handle the immense power density required to drive contemporary applications is hampered by traditional cooling methods. Air-based cooling

Harness AI Power in Your Marketing Strategy for Success
May 23, 2025

As the digital landscape evolves at an unprecedented rate, businesses find themselves at the crossroads of technological innovation and customer engagement. Artificial intelligence (AI) stands at the forefront of this revolution, offering robust solutions that blend machine learning, natural language processing, and big data analytics to enhance marketing strategies. Today, marketers are increasingly adopting AI-driven tools and methodologies to optimize