In Europe, digital players are speaking up in unison in favour of implementing a compliance framework that meets the highest data protection and security requirements in order to boost the trust of companies, government and citizens in digital technology. Given the exponential growth of data, it is essential to establish security rules that guarantee transparency, protection and traceability.
Certifications as proof of trust
In France, the SecNumCloud security visa from the National Cybersecurity Agency of France (ANSSI) allows those who are qualified to prove that they meet the highest cloud computing security requirements. The qualification process is demanding, making it one of the criteria for receiving the government’s trusted cloud label and a reference for the future European certification from the European Union Agency for Cybersecurity (ENISA).
The European Commission asked ENISA, tasked with developing and preserving the EUCS (European Cybersecurity Certification Scheme for Cloud Services), to add sovereignty requirements to the project.
This approach reflects the SecNumCloud qualification requirements and has repercussions for the cloud computing suppliers on the EU market, ensuring that they prioritise European values and commitments.
A single security reference for Europe
The criteria chosen for the EUCS are all the more important since the scheme is intended to become the single security reference for all European countries. Thus, it must be a certification of Excellence consistent with the data protection and cybersecurity levels that are guaranteed by the reference security visas on the market.
The European cybersecurity certification must set the bar high to ensure that the security level within each Member State is consistent and to build a European digital ecosystem that can meet the strictest needs uniformly.
With the new ways of using digital technology, European users are entrusting their most strategic assets to digital players. It is therefore essential to preserve them both technically and legally against extraterritorial laws. This way, the European Union shows that it intends to be a self-sufficient global technological power. Implementing an ambitious certification process is in line with European values and commitments in terms of data protection, transparency and sovereignty.
In an ever-changing world, digital sovereignty gives us control over our destiny. It is essential that Europe guarantees the most demanding security framework possible to protect the sensitive data of our citizens, companies, and institutions.
Ultimately, the impact on Europe can only be beneficial in terms of the guarantees provided, confidently fostering the acceleration of the digital transformation with the support of French and European technology champions.