BRUSSELS – Today, global tech trade association ITI led a virtual delegation to visit to the European Union Agency for Cybersecurity (ENISA). During the gathering, ITI’s members discussed a wide range of topics related to EU cybersecurity with ENISA leadership, including ENISA’s Certification Framework roadmap, work plan and strategy; review of the NIS Directive; 5G and supply chain security and the implementation of the EU 5G security toolbox; EU AI policy; and challenges arising from the COVID-19 pandemic.
ITI presented key recommendations on areas of mutual interest for ENISA and the tech industry, covering cybersecurity certification, 5G policy principles, and trustworthy AI.
“Cybersecurity policy issues continue to be a top priority for the tech industry, and it is even more important that we address these challenges in coordination with government partners in the context of the rollout of new technologies such as 5G and AI” said John Miller, ITI’s Senior Vice President of Policy and Senior Counsel. “We appreciate the opportunity we had today to present our recommendations for ENISA’s consideration and look forward to continuing to work closely together in the months and years ahead.”
The discussion focused on ENISA’s current workstreams and future priorities. Artificial Intelligence notably is an area where ENISA will engage through a threat landscaping exercise due by the end of 2020.
ENISA colleagues showed great satisfaction with ENISA’s and Member States’ work on 5G supply chain security, highlighting that Member States had made implementing the EU’s 5G toolbox a priority.
On the NIS Directive, ENISA will continue to support the revision done by the European Commission. ITI recommended that any potential revision of the scope of the Directive should follow a risk-based approach grounded in risk analysis and threat-based information.
Summarizing the event, ENISA Executive Director Juhan Lepassaar recapped how important the technology industry was during the COVID-19 pandemic and how “basic cyber hygiene became increasingly important during this time as society had to rapidly digitalise.” He added that, “The new tools and tasks that ENISA has been equipped with via the Cybersecurity Act can be used to tackle new cybersecurity challenges. There is quite a way to go to align the two main pillars of cybersecurity in Europe: the NIS Directive and the Cybersecurity Act.”