Act now, EUCC transition approaches!

Start Your CC evaluation with CCLab before the change

‍

Here are the most important changes of Q1 2024 in cybersecurity. Read our newsletter and find out more about the most important changes of 2024 including the upcoming EUCC and UK PSTI Act.

In CCLab’s 2024 Q1 newsletter: 

- we report on the EUCC, 

a Common Criteria-based certification scheme that uses the internationally acclaimed, proven methods used in Common Criteria, scheduled to begin implementation on February 27, 2025

- we help you understand the UK PSTI Act, 

which will soon come into force in the United Kingdom, what it means for manufacturers, and how CCLab can help you comply with the requirements

- we present our joint webinar with QIMA on UK PSTI, 

which is available for FREE on our website on-demand

- we introduce our latest training material, the ETSI Guide Course, which helps IoT device manufacturers meet the requirements of the ETSI EN 303 645 standard.

The EUCC - Start the evaluation with CCLab before the deadline

Europe's Latest Cybersecurity Certification Scheme deadline is here

EUCC, the European Union Cybersecurity Certification Scheme aims to establish a unified framework for certifying the cybersecurity of products, processes, and services within the European Union. It provides a common set of standards and criteria for evaluating the security of digital products and services, thereby enhancing trust and confidence among consumers, businesses, and regulators.

The enforcement of the EUCC regulation is scheduled to commence on February 27th, 2025. Following this, existing national cybersecurity certification schemes will cease operations within 12 months. Vendors must understand that any certification processes initiated within the subsequent year of the regulation's enactment must be finalized by February 2027. New Common Criteria evaluation projects can be initiated utilizing the prevailing, well-established procedures under the existing national schemes before the aforementioned deadline.

EUCC, the European Union Cybersecurity Certification Scheme, marks a pivotal step forward in ensuring the security of products circulating within the European market. This innovative scheme aims to streamline the evaluation and certification process for cybersecurity products, offering manufacturers and consumers alike a standardized framework for assessing security measures.

With EUCC, manufacturers can navigate the complexities of cybersecurity compliance more efficiently, reducing time-to-market for their products while bolstering consumer trust.

Consumers, on the other hand, can make more informed purchasing decisions, confident in the knowledge that EUCC-certified products meet rigorous cybersecurity standards. This increased transparency and accountability foster a safer digital ecosystem for all stakeholders involved.

As Europe prioritizes cybersecurity in an increasingly interconnected world, EUCC emerges as a beacon of progress and collaboration. Stay tuned as CCLab explores the implications of EUCC and provides valuable insights into navigating this evolving cybersecurity landscape. Read our comprehensive blog post on EUCC.

Get ready for UK PSTI in time

The relevant part of the UK PSTI Act regulating consumer connectable product security will become effective on April 29, 2024

Upon its departure from the European Union, the United Kingdom (UK) has assumed full autonomy in determining its cybersecurity regulations, thereby exiting the EU's cybersecurity framework. With its own set of national laws and standards, the UK is no longer bound to adopt EU regulations or directives in this domain automatically. Instead, it has established the Product Security and Telecommunications Infrastructure (PSTI) as its regulatory system.

The primary objective of the UK PSTI is to bolster the security of connectable products and mitigate associated cybersecurity risks within the UK. Under this regulation, manufacturers of connected devices, whether wired or wireless, are mandated to adhere to these requirements and undergo compliance assessments.

At CCLab, we understand the importance of ensuring compliance with this legislation to safeguard your products and maintain UK market access. Our comprehensive service to UK PSTI compliance offers invaluable insights and practical strategies to help you navigate the complexities of this regulatory framework. From understanding the key provisions of the PSTI Act to implementing effective security measures, CCLab helps to cover all aspects of compliance to ensure your products meet the stringent requirements set forth by UK regulators.

Whether you're a seasoned industry professional or new to cybersecurity regulations, we offer essential resources and expert guidance to support your journey toward PSTI compliance.

Watch our free on-demand webinar on UK PSTI

Find out more about the regulatory system and prepare for the upcoming deadline

Recently, CCLab partnered with QIMA to host an insightful webinar on the UK PSTI Act to demystify compliance with the UK Product Security and Telecommunications Infrastructure (PSTI) regulations.

During the webinar, industry experts delved into the nuances of the UK PSTI framework, shedding light on its implications for manufacturers of connectable products. Participants gained valuable insights into the key provisions of the regulation, compliance requirements, and best practices for ensuring adherence to the UK PSTI standards.

For those who missed the live webinar, do not worry! The recording is now available on-demand, free of charge, on the CCLab website. To access the on-demand webinar recording, please visit the following page:

New training course offered by CCLab

The ETSI Guide Course has arrived

CCLab created the ETSI Guide Course, an educational material package for Software Developers to maximize the efficiency of the preparation of their consumer IoT device’s ETSI 303 645 certification. The training package includes tutorial videos and presentations for each provisioning group.

‍

Check out the course page for detailed information about:

• why we created this course
• who is this course for
• the detailed structure of the course
• how you can prepare for an evaluation according to ETSI EN 303 645
• what and how many training materials and tutorial videos do you have access to
• what are the benefits of subscribing to the ETSI Guide Course

‍

Watch the short video about the ETSI Guide course to see why subscribing is a good decision: