On privacy issues and problems, one of the priorities is the strengthening of cybersecurity policies by cloud service providers. For this reason, the European Cybersecurity Certification Scheme for Cloud Services (EUCS), one of the first IT security schemes in Europe, is being set up to obtain an official stamp of approval from European authorities. It includes rules, technical requirements, standards and procedures that strengthen the cybersecurity of ICT services and products offered to European citizens, initiated by the European Union Agency for Cybersecurity (ENISA).
The challenge is to harmonise a diverse set of market players, complex structures, and different systems in the member states to agree on single standards and an official stamp of approval by European authorities. The new standards will be applied to every cloud service, from infrastructure to applications, defining a very precise set of security requirements to comply to. ENISA's goal is to define a single, up-to-date framework, harmonising European regulations, international standards, industry best practices and certifications already in place in the Member States.
However, in order to ensure the transition from current national systems to a single framework, it is necessary to involve all actors, structures and the whole landscape of cloud services, establishing the guaranteed level of cybersecurity between 'Basic', 'Substantial' and 'High'.