Strategic Partnership for Cybersecurity – CCLab and WonSec Technology Join Forces for EUCC Certification
3
min reading time
On March 21, 2025, a special event took place at CCLab’s headquarters in Budapest, Hungary: we had the pleasure of welcoming the delegation of WonSec Technology, and together we signed a strategic cooperation agreement focused on the EU Cybersecurity Certification Scheme on Common Criteria (EUCC).
This partnership marks a milestone not only for CCLab but for the broader European certification ecosystem as well. Our joint goal is to support the secure and compliant entry of ICT products and services into the European market, especially in light of the soon-to-be mandatory EUCC requirements.
Why does EUCC matter?
The EUCC (EU Cybersecurity Certification Scheme on Common Criteria) is the European Union’s new cybersecurity certification framework, set to gradually replace fragmented national schemes starting in 2025. Its purpose is to establish a unified, high-security standard for ICT products across the EU. Built upon the international Common Criteria standard, EUCC strengthens requirements around data protection, supply chain security, and vulnerability analysis - raising the bar for manufacturers and developers worldwide.
CCLab and WonSec Technology: combining expertise across continents
CCLab is among the first evaluation facilities officially authorized by the EU to conduct EUCC assessments. With over a decade of experience in Common Criteria evaluations and consultancy, we are proud to support global clients with a trusted and professional approach.
Our partner, WonSec Technology, is a leading digital security and certification provider in China, with extensive experience and technological strength. Through this collaboration, we aim to jointly assist manufacturers and developers preparing for the European market and striving to meet the demanding EUCC criteria.
Building a safer digital future together
This agreement is more than a partnership, it is a shared commitment to global cybersecurity. We believe that international cooperation and knowledge exchange are essential to building a secure and sustainable digital economy.
At CCLab, we remain committed to delivering reliable, high-quality certification services in cooperation with our partners - not only in Europe, but worldwide.
Related downloadables
Related downloadables
EUCC Study - The New European Union Cybersecurity Certification Scheme
EUCC Study - The New European Union Cybersecurity Certification Scheme
Download EUCC Study 2024 for the most important and up-to-date information about the new European Union Cybersecurity Certification Scheme
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Guide and Checklist for Common Criteria Evaluations - updated with EUCC Scheme
Learn everything you need to know for a successful Common Criteria certification project. Save costs and effort with your checklist.
Related news
Preparing Legacy Systems for Common Criteria Certification
Legacy systems power critical operations across industries worldwide, yet they present unique challenges when organizations pursue Common Criteria certification. The clock is ticking for manufacturers and enterprises who must navigate complex compliance requirements while maintaining operational continuity. Organizations pursuing Common Criteria certification must address unique challenges when dealing with legacy infrastructure, but with the right approach, success is achievable. The urgency cannot be overstated. Regulatory deadlines approach rapidly, and the cost of non-compliance continues to escalate. Legacy systems that once served as reliable workhorses now require strategic transformation to meet modern security standards. This guide provides actionable strategies to prepare your legacy infrastructure for certification success.
10
min reading time
.jpg)
The CRA as the Cornerstone of the EU Cybersecurity Ecosystem
This article provides an in-depth overview of the EU Cyber Resilience Act (CRA), explaining why the regulation was introduced, its key security requirements, conformity assessment routes such as Module A, the role of harmonized standards, and the lifecycle obligations manufacturers must meet.
10
min reading time
Beyond 2025: Why RED is the Blueprint for CRA Success
The August 1, 2025 deadline for the Radio Equipment Directive (RED) Delegated Act has passed. You have likely spent the last year scrambling to test devices, freeze software, and secure approvals. But just as the dust settles, a new challenge looms: the Cyber Resilience Act (CRA) is now getting in force, with full application expected by December 11, 2027. The immediate worry for many manufacturers is simple: Was the investment for RED wasted? Is the work done for the 2025 deadline just a temporary fix destined to be withdrawn when the CRA takes over? The answer is no, if a strategic approach is taken. The two regulations are "in sync," and the work done for RED-DA is the essential foundation for future CRA compliance.
9
min reading time