Gabriela Gheorghe, PhD - Cybersecurity Specialist at SECURITYMADEIN.LU/CASES joined CSB #48 to discuss how CSA will improve the current information security baseline.
When asked about the status of CSA, Gabriela Gheorghe, explains that there is a lot of work to do. CSA came into force in 2019, some further articles have been released this summer. “We haven’t seen a lot of countries in Europe that would implement directly any of the schemes that were proposed by ENISA. Different countries are trying to set up the ecosystem around the CSA basic actors in the sense that national cybersecurity authorities are in the process of being designated”, she explains.
“There is a lot of work to be done on the consumer side as well. Security requires awareness. Whenever consumers buy something, they should take a look at what is inside”, she continues.
It is however rather complex for users to understand what a good certification is.
She highlights the fact that complexity is very high. “In the end, there is this choice between certifying processes, products… The question is: are we really looking at just that or are we looking at the maturity of the organization that is behind?"
Watch the replay of CSB #48 here.