On Friday 13 February, the European Commission presented a new EU ICT (information and communication technologies) Supply Chain Security Toolbox designed to “identify, assess and mitigate cybersecurity risks”.
The ‘toolbox’, intended for Member States, describes risk scenarios and recommends mitigation measures, including the assessment of suppliers deemed essential and the importance of avoiding risky dependencies.
This strategy, drawn up by the NIS2 cooperation group (Member States, European Commission and ENISA), is part of the revision of the law on cybersecurity presented on 20 January (see EUROPE 13790/1).
This revision marks a turning point in European strategy: for the first time, the EU has a regulatory framework that gives it the option of excluding foreign suppliers from its supply chains.
The publication also includes two risk assessments on connected and autonomous vehicles and on border and customs detection equipment.
To see the ‘toolbox’: https://aeur.eu/f/kq6 (Original version in French by Isalia Stieffatre)