In a letter dated 22 July sent to the EU Agency for Cybersecurity (Enisa), the European Data Protection Board calls for clarification of the links between the security levels of the EUCS (European Union Cybersecurity Certification Scheme for Cloud Services) and the European Data Protection Regulation (GDPR).
The EDPB “finds that several important issues related to the links between the cybersecurity risk assessment and personal data protection risk assessment need to be addressed” and...