ENISA: Standards Supporting Certification
This report explores five distinct areas, which have frameworks, schemes or standards that can potentially be evolved to EU candidate cybersecurity certification schemes.
These five areas are Internet of Things (IoT), cloud infrastructure and services, threat intelligence in the financial sector, electronic health records in the healthcare and qualified trust services. The study reflects on the standards currently available on these five areas of interest and identifies existing gaps. It further proposes reasonable recommendations on how these gaps can be addressed, especially by standardisation bodies, and how the available standards could potentially be adapted to form the basis of future candidate EU cybersecurity certification schemes.