Description

Adopted amendments to the Cybersecurity Act (EU) 2019/881 by the Council of the European Union

On 2 December 2024, the Council of the European Union (EU) adopted amendments to the Cybersecurity Act (EU) 2019/881 as regards managed security services. The intended amendments would facilitate the introduction of European cybersecurity certification schemes specifically for managed security services. The amendment would be an extension to the existing coverage of the Cybersecurity Act, which already includes certification for information and technology (ICT) products, ICT services, and ICT processes. The Amendments acknowledge the growing significance of managed security services in preventing, detecting, responding to, and recovering from cybersecurity incidents. These services may include activities such as incident management, penetration testing, security assessments, and technical support consulting.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
supranational
Government Branch
executive
Government Body
parliament

Complete timeline of this policy change

Hide details
2023-04-18
under deliberation

On 18 April 2023, the EU Commission submitted a proposal for a regulation of the European Parliamen…

2023-11-15
under deliberation

On 15 November 2023, the Council of the European Union (EU) adopted its position on the EU Commissi…

2024-12-02
adopted

On 2 December 2024, the Council of the European Union (EU) adopted amendments to the Cybersecurity …