The European Commission is planning to enact a new cyber security regulation according to which manufacturers will have to certify their products in order to confirm that they have appropriate security mechanisms to protect their products and services against attacks. For this reason, Martin Emele, Vice President Marketing and Business Strategy Cyber Security, External Affairs & Governmental and Political Relations at ESCRYPT’s parent company ETAS, took part in a political dinner debate at the European Parliament in Brussels on January 23.
In his speech, he pointed out that - especially with regard to the automotive industry - more connectivity also means more responsibility on the part of manufacturers. This implies a strong focus on cyber security in order to achieve trust and wide acceptance of their IoT products. The Bosch Group would therefore welcome the European Commission’s “Cybersecurity Act” as an important first step towards more security in our increasingly connected world. But Martin Emele also made suggestions for improvement. He demanded, for example, a holistic and dynamic approach instead of static certification schemes. Because, in the end, it is not only about protecting a product. It is equally important to detect threats and to react accordingly. Or even better: to predict and avoid attacks in the first place.
Furthermore, he said that the “Cybersecurity Act” should only be the first step towards raising cyber security awareness via voluntary schemes. In addition, a second step for achieving a harmonized product regulation for cyber security is necessary, where the regulator defines what needs to be done in terms of high-level policies and security requirements for dedicated product sectors or classes.
In addition to Martin Emele, representatives from the European Parliament as well as from other industries, i.e. Siemens, ABB, GE Aviation, and Schneider Electric contributed to the discussion with speeches.
Please find details of Martin Emele’s speech here.