Partner

FP

Authors

A. Michota and N. Polemi

Title

A Supply Chain Service Cybersecurity Certification Scheme based on the Cybersecurity Act

Open Access

DOI

Abstract

Since the provision of digital services in our days (e.g. container management, transport of COVID vaccinations or LNG) in most economic sectors (e.g. maritime, health, energy) involve national, EU and non-EU stakeholders compose complex Supply Chain Services (SCS). The security of the SCS is most important and it emphasized in the NIS 2 directive [3] and it is a shared responsibility of all stakeholders involved that will need to be compliant with a scheme. In this paper we present an overview of the proposed Cybersecurity Certification Scheme for Supply Chain Services (EUSCS) as proposed by the European Commission (EC) project CYRENE [1]. The EUSCS scheme covers all the three assurance levels defined in the Cybersecurity Act (CSA) [2] taking into consideration the criticality of SCS according to the NIS 2 directive [3], the ENISA Threat Landscape for Supply Chain Attacks [4] and the CYRENE extended online Information Security Management System (ISMS) that allows all SCS stakeholders to provide and access all information needed for certification purposes making the transition from current national schemes in the EU easier.

Publication medium

conference

Name

2022 IEEE International Conference on Cyber Security and Resilience (CSR)

Date of the workshops:

JULY 27-29, 2022

Location

Rhodes, Greece

Is this a peer-reviewed publication?

Yes

Is this a joint public/private publication?

No