Hi All,
This study proposes a set of initial methodological steps to work towards a market
analysis on cybersecurity certification of ICT products, ICT services, and ICT processes.
The performance of a market analysis on cybersecurity certification aims to contribute to
the EU cybersecurity certification framework and the planning activities of the European
Commission, the ECCG, and the SCCG by identifying future areas for cybersecurity
certification.
The proposed steps described in this study are divided into four main sections and cover:
i) the identification of the context of the market analysis,
ii) the scope of the target of analysis,
iii) assessing the impact of a cybersecurity certification initiative and
iv) the identification of the available options and possible initiatives.
The goal is to be able to identify certification needs or 'gaps' in the market without relying solely
on the input of stakeholders, but rather to provide evidence both from the supply and demand sides
while factoring in societal and economic aspects.
This first attempt on proposing such a methodology is expected to evolve and to be further
developed and improved after the publication of the Union Rolling Work Programme by the
European Commission. It is expected that a more mature market analysis methodology will be
able to generate information that feeds the identification of the strategic priorities set by the
European Commission, the ECCG, and the SCCG. The methodology also aims to provide
valuable input to the preparations of candidate cybersecurity certification schemes.
@Daniele Catteddu@JOHN DIMARIA
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------