The European Common Criteria-based cybersecurity certification scheme (EUCC)

Published

Dec 05 2023

Written By

I am a seasoned attorney situated at the Bird & Bird Düsseldorf office, with a specialisation in cybersecurity and data protection law, and a co-head of the Bird & Bird International Cybersecurity Steering Group.

Practices

Sectors

Technology & Communications

Regions

Western Europe

In early October 2023, the Commission published the draft of the Commission Implementing Regulation setting out the European Common Criteria-based cybersecurity certification scheme (EUCC). This scheme will introduce a set of security requirements for ICT security products (for example firewalls, encryption devices, electronic signature devices) and ICT products with an inbuilt security functionality (i.e. routers, smartphones, bank cards). It will be relevant, inter alia, in the context of the implementation of the NIS2 Directive and the proposed Cyber Resilience Act.

The full article was published in the Connected newsletter.

To subscribe to our Connected newsletter click here

Latest insights

More Insights

The Commission’s Quick Fix? Freezing Additional ESRS Requirements for CSRD First-Wave Undertakings

6 minutes Jun 19 2025

From sales to sanctions: Optus faces $100 million penalty for unconscionable sales practices

Jun 19 2025

Dutch Court Backs The Hague’s Fossil Fuels Ad Ban

5 minutes Jun 18 2025