CMVP is committed to the creation of tools to automatize the processes and procedures related to the evaluation and testing of cryptographic modules FIPS 140-2 and FIPS 140-3 to address the problem of long delays. At jtsec we welcome this type of initiatives, as the promotion of automatization in the processes used in cybersecurity certifications has been part of our nature since the beginning.
Since 2018, when the Catalogue of Information and Communication Technology Security Products (CPSTIC for its acronym in Spanish) was created and, taking into account the great evolution since the beginning, there have been many doubts that different manufacturers, consultants or laboratories have asked us.
Therefore, we have compiled the most common FAQs related to the CPSTIC catalogue that can serve as a guide or resolve doubts related to the CSPTIC catalogue.
Last week took place the III Encuentro ENS, organized by the CCN (the National Spanish Certification Body), one of the most important cybersecurity meetings in Spain. We could not miss the opportunity to be actively present as speakers. So we offered a talk to show how cybersecurity certification and the CPSTIC catalog can be used in an innovative way. In this edition, we decided to collaborate as VIP sponsors, thus supporting events that offer visibility to the work done by CCN, both with the adoption of the ENS and the CPSTIC catalogue.
The Machinery Directive is the core European legislation regulating products of the mechanical engineering industries, which function is to establish a regulatory framework for placing the machinery on the Single Market. The European Commission took the decision to revise this directive in order to convert it into a Regulation enhancing harmonization for the near future, including cybersecurity requirements
ENISA has published this week an update of the EUCC (Common Criteria based European candidate cybersecurity certification). A scheme that we are deeply proud to be published, since jtsec has actively participated through the Ad Hoc Working Group and the Stakeholders Cybersecurity Certification Group in the creation of the candidate scheme named by ENISA as valid for the certification of ICT products.
