A would-be technical development could have potentially significant consequences for cloud service providers established outside the EU. The proposed EU Cybersecurity Certification Scheme for Cloud Services (EUCS)—which has been developed by the EU cybersecurity agency ENISA over the past two years and is expected to be adopted by the European Commission as an implementing act in Q1 2024—would, if adopted in its current form, establish certain requirements that could:
- exclude non-EU cloud providers from providing certain (“high” level) services to European companies, and
- preclude EU cloud customers from accessing the services of these non-EU providers.
Continue Reading Implications of the EU Cybersecurity Scheme for Cloud Services