The Challenges of Software Cybersecurity Certification [Building Security In]

In 2019, the new European Union (EU) cybersecurity regulation "Cybersecurity Act" ("CSA")¹ entered into force to create a common framework for the certification of any information and communication technology (ICT) system, including products, services, and processes. The main purpose of this framework is to reduce the current fragmentation of cybersecurity certification schemes2 as well as to increase end users? trust in a hyperconnected society3 by fostering a mutual recognition of certified ICT components in any EU country.