Shaping Europe’s Cybersecurity Standards: Highlights From the 10th Cybersecurity Standardisation Conference

The 10th Cybersecurity Standardisation Conference, co‑hosted by CEN, CENELEC, ETSI and ENISA, marked a milestone for Europe’s coordinated approach to digital security. Bringing together policymakers, industry executives and researchers in Brussels, the event underscored how European standards have become a linchpin for the continent’s strategic autonomy. Participants examined the role of consensus‑based standards in a volatile geopolitical climate, stressing that while speed is essential, the rigorous quality that underpins EU certifications must remain intact. The conference therefore reinforced the EU’s commitment to a resilient digital single market.

A central theme was the rapidly evolving legislative framework, especially the Cyber Resilience Act (CRA) and its interaction with NIS2, the Digital Operational Resilience Act (DORA) and eIDAS. Speakers highlighted how harmonised standards now serve as the presumption of conformity, reducing compliance costs for firms while ensuring baseline security. Yet they warned that overly ambitious mandates could overwhelm small and medium‑size enterprises, prompting calls for flexible implementation schedules. By aligning CRA technical specifications with existing standards, the EU aims to streamline certification pathways and boost cross‑border trust among digital service providers.

Looking ahead, the conference participants affirmed that Regulation 1025/2012 remains fit for purpose but emphasized the need to accelerate technical specification development. They advocated for a more agile governance model that preserves the EU’s consensus ethos while responding to market velocity. Such reforms are seen as essential for positioning Europe as a global reference point in cybersecurity standards, reinforcing sovereignty and fostering export opportunities for European security solutions. Continued collaboration among ENISA, the ESOs and industry stakeholders will be critical to translating these ambitions into actionable standards.