My favourites


About the Cybersecurity Act (CSA)

Full name: Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act)

Type: Regulation

Objective and key elements:

  • Setting a foundation for the cybersecurity strategy
  • Introducing a security by design requirement
  • Reinforcing ENISA, the EU Agency for Cyber Security, link
  • Complementing NIS (I)
  • Creating a European cybersecurity certification framework for ICT products, services, and processes
    the EU Agency for Cybersecurity
  • Complements NIS (I)
  • Creates a European Cybersecurity certification framework for ICT products, services and processes.

Relevant to: Mainly ENISA, relevant local authorities, certification actors, and suppliers of ICT products, services and processes

Status: In force since 27 June 2019