BETA

16 Amendments of Evelyne GEBHARDT related to 2017/0225(COD)

Amendment 101 #
Proposal for a regulation
Recital 55 a (new)
(55a) In light of innovation trends, and the growing accessibility and constantly increasing number of IoT devices in all sectors of society, particular attention must be paid to the security of all and even the simplest of IoT products. Therefore, as certification is a key method for increasing trust in the market and increasing security and resilience, emphasis should be given to IoT products and services in the new EU cybersecurity certification framework, in order to make them less vulnerable and safer for consumers and businesses.
2018/03/02
Committee: IMCO
Amendment 109 #
Proposal for a regulation
Recital 56 a (new)
(56a) Among the evaluation methods and assessment procedures related to each European cybersecurity certification scheme, ethical hacking, the aim of which is to locate weaknesses and vulnerabilities of devices and information systems by anticipating the intended actions and skills of malicious hackers, should be promoted at Union level.
2018/03/02
Committee: IMCO
Amendment 156 #
Proposal for a regulation
Article 4 – paragraph 7
7. The Agency shall promote a high level of awareness of citizens, authorities and businesses on issues related to the cybersecurity.
2018/03/02
Committee: IMCO
Amendment 159 #
Proposal for a regulation
Article 5 – paragraph 1 – point 1
1. assisting and advising, in particular by providing its independent opinion and supplying preparatory work, on the development and review of Union policy and law in the area of cybersecurity, as well as sector-specific policy and law initiatives where matters related to cybersecurity are involved;
2018/03/02
Committee: IMCO
Amendment 169 #
Proposal for a regulation
Article 5 – paragraph 1 – point 4 – point 2
(2) the promotion of an enhanced level of security of electronic communications, data storage and data processing, including by providing expertise and advice, as well as facilitating the exchange of best practices between competent authorities;
2018/03/02
Committee: IMCO
Amendment 177 #
Proposal for a regulation
Article 7 – paragraph 8 – point a
(a) aggregating reports from national and international sources with a view to contribute to establishing common situational awareness;
2018/03/02
Committee: IMCO
Amendment 181 #
Proposal for a regulation
Article 8 – paragraph 1 – point a – point 1 a (new)
(1a) carrying out independent periodic ex-post checks on the compliance of certified ICT products and services with this Regulation;
2018/03/02
Committee: IMCO
Amendment 203 #
Proposal for a regulation
Article 13 – paragraph 1
1. The Management Board shall be composed of one representative of each Member State, and two representatives appointed by the Commission and the European Parliament. All representatives shall have voting rights.
2018/03/02
Committee: IMCO
Amendment 208 #
Proposal for a regulation
Article 19 – paragraph 2
2. The Executive Director shall report annually to the European Parliament on the performance of his or her duties or when invited to do so. The Council may invite the Executive Director to report on the performance of his or her duties.
2018/03/02
Committee: IMCO
Amendment 214 #
Proposal for a regulation
Article 20 – paragraph 4
4. The term of office of the Permanent Stakeholders’ Group’s members shall be two-and-a-half years. Members of the Management Board and of the Executive Board, except the Executive Director referred to in paragraph 3, may not be members of the Permanent Stakeholders’ Group. Experts from the Commission and the Member States shall be entitled to be present at the meetings of the Permanent Stakeholders’ Group and to participate in its work. Representatives of other bodies deemed relevant by the Executive Director, who are not members of the Permanent Stakeholders’ Group, may be invited to attend the meetings of the Permanent Stakeholders’ Group and to participate in its work.
2018/03/02
Committee: IMCO
Amendment 282 #
Proposal for a regulation
Article 46 – paragraph 1
1. AEach European cybersecurity certification scheme may specify one or more of the following assurance levels: basic - “functionally secure”, substantially secure” and/or high,ly secure” - for ICT products and services issued under that scheme, taking into account, inter alia, their intended use and their inherent risk.
2018/03/02
Committee: IMCO
Amendment 295 #
Proposal for a regulation
Article 46 – paragraph 2 – point a
(a) assurance level basic shall refer to a certificate issued in the context of a European cybersecurity certification scheme, which provides a limited degree of confidence in the claimed or asserted cybersecurity qualities of an ICT product or service, and is characterised with reference to technical specifications, standards and procedures related thereto, including technical controls, the purpose of which is to decrease the risk of cybersecurity inciden“functionally secure” shall be related to a low risk of an ICT product and service. A low level of risk exists when an attack on the ICT product and service does not compromise the confidentiality, integrity, availability, privacy or other important objectives, nor the health of users or third parties, the environment, other important legal interests or critical infrastructure and its supporting systems or products;.
2018/03/02
Committee: IMCO
Amendment 301 #
Proposal for a regulation
Article 46 – paragraph 2 – point b
(b) assurance level substantial shall refer to a certificate issued in the context of a European cybersecurity certification scheme, which provides a substantial degree of confidence in the claimed or asserted cybersecurity qualities of an ICT product or service, and is characterised with reference to technical specifications, standards and procedures related thereto, including technical controls, the purpose of which is to decrease substantially the risk of cybersecurity incidenly secure” shall be related to a higher risk of an ICT product and service. A higher level of risk exists when an attack on the ICT product and service compromises the confidentiality, integrity, availability, privacy or other important objectives, and has implications to the health of users or third parties, the environment, other important legal interests or critical infrastructure and its supporting systems or products;.
2018/03/02
Committee: IMCO
Amendment 306 #
Proposal for a regulation
Article 46 – paragraph 2 – point c
(c) assurance level high shall refer to a certificate issued in the context of a European cybersecurity certification scheme, which provides a higher degree of confidence in the claimed or asserted cybersecurity qualitiesly secure” shall be related to a high risk of an ICT product and service. A high level of risk exists when an attack ofn an ICT product orand service than certificates with the assurance level substantial, and is characterised with reference to technical specifications, standards and procedures related thereto, including technical controls, the purpose of which is to prevent cybercompromises the confidentiality, integrity, availability, privacy or other important objectives and reasonably endangers the national sovereignty or public security incidentof states.
2018/03/02
Committee: IMCO
Amendment 408 #
Proposal for a regulation
Article 50 – paragraph 3
3. Each national certification supervisory authority shall, in its organisation, funding decisions, legal structure and decision-making, be independent of the entities they supervise and shall not be a conformity assessment body or a national accreditation body.
2018/03/02
Committee: IMCO
Amendment 444 #
Proposal for a regulation
Annex I – paragraph 1 – point 3
3. A body belonging to a business association or professional federation representing undertakings involved in the design, manufacturing, provision, assembly, use or maintenance of ICT products or services which it assesses, may, on condition that its independence and the absence of any conflict of interest are demonstrated, be considered a conformity assessment body.Deleted
2018/03/02
Committee: IMCO