On 12 March 2019, the European Parliament issued its first position on the text proposed by the European Commission for a Regulation of the European Parliament and of the Council on ENISA (the European Union Agency for Network and Information Security), also known as the EU Cybersecurity Act.
Initiatives to build strong EU-wide cybersecurity
The EU Cybersecurity Act was proposed in 2017 to:
i) Provide a permanent mandate for ENISA (to replace its limited mandate that would have expired in 2020);
ii) Allocate more resources to ENISA to enable it to fulfil its goals; and
iii) Establish an EU framework for cybersecurity certification for products, processes and services that will be valid throughout the EU.
The European Parliament, Council and Commission reached an informal trialogue agreement on the proposal of the EU Cybersecurity Act in December last year. Now that the European Parliament adopted its first-reading position, it is expected that the European Council will adopt the proposed Regulation without further amendments. The Regulation will then be published into the EU Official Journal and will enter into force 20 days following that publication.