Media interviews with Chair of ASD Cyber Task Force

In interviews this week with EU News, Euractiv, and Europe.Table, the Chair of the ASD Cyber Task Force, Giorgio Mosca (Leonardo), highlighted the pressing need for common security standards in cloud services for the European defence industry.

The European Union's current efforts to develop a cybersecurity certification scheme for cloud services, spearheaded by ENISA and the European Cybersecurity Certification Group (ECCG), fall short of industry expectations. ASD is advocating for a review of the delegated act implementing cybersecurity regulation, urging for higher security standards – referred to as High+  – to avoid fragmented rules across national states.

Giorgio Mosca is quoted: “We believe that if we want to talk about the security of supply we have to talk about the security of supply chains and the secure ways of connecting these chains.” ‘“We see at least two types of impacts.” The first is that “we will probably find ourselves more exposed to cyber-attacks,” because “if data is outside the European Union, we have communication channels outside of our control,” and this makes us more vulnerable and “also subject to possible disruptions.” Second, “we see an economic impact. In the Commission, we always talk about wanting to reduce the administrative burden and costs for businesses but doing so seems to us to be going in the opposite direction.”’

Clarity in these standards is crucial for the industry's competitiveness. Mosca is quoted further: “The EU has an important role for harmonisation, and eliminating security standards makes no sense because it produces exactly the opposite, a fragmentation.”

ASD Note on EU Cybersecurity Certification Scheme for Cloud Services

Deliberations on the proposed European Cybersecurity Certification Scheme for Cloud Services (EUCS) have been ongoing since December 2019. Much of the discussion have been centred around the inclusion of transparent and harmonised criteria at the highest ...
Learn more