The newly adopted ''EU Cybersecurity Act'' will establish a European Cybersecurity Certification Framework for ICT products and services allowing certificates (for software and hardware products) to be valid and recognised across all EU Member States. Certification can play an important role in increasing trust and security in products and services that we either buy or consume. This session explored certification, standardisation and assurance aspects considering various legal, technological and economical challenges.

Moderator: Aristotelis Tzafalias, Senior Policy Officer, Cybersecurity & Digital Privacy Policy Unit, DG CONNECT, European Commission

Aristotelis Tzafalias is a Policy Officer in the Unit 'Cybersecurity and Digital Privacy Policy' in DG CNECT. Mr Tzafalias is working on the implementation of the European Cybersecurity Certification Framework put in place by the Cybersecurity Act and works closely with other Commission Services and the European External Action Service on cybersecurity policy in areas such as financial services, trade, cybercrime and law enforcement. Mr Tzafalias studied Computer Science at the University of Crete in Heraklion.

Speakers:

• Massimo Felici, Cyber Risk Manager, Deloitte Consulting & Advisory Brussels

Title of the presentation: Cybersecurity at scale for Digital Enterprises

Dr. Massimo Felici holds a PhD in Computer Science from University of Edinburgh (United Kingdom) and an MSc in Computer Science from University of Catania (Italy). He is advising European Institutions and European Agencies such as ENISA and eu-LISA. Massimo has over 15 years of extensive expertise in the areas of NIS Directive, risk assessment, certifications and policy-driven Research and Innovation.

• Egon Berghout, Professor Erasmus University Rotterdam

Title of the presentation: The European opportunity for a safer digital world – security lessons from the car industry

Egon Berghout is Academic Director of the IT Auditing & Advisory program, Erasmus Universities and passioned about educating the best digital risk & security experts. He is also member of the EC Cloud Policy Working Group for Cloud Security Certification. Egon runs his own IT Governance & Assurance practice, is member of the supervisory board for the Dutch Courts of Law and was member of the independent committee, which investigated the failure of the new Dutch citizens administration system on behalf of the Dutch Parliament.

• Ali Hessami, Innovation and R&D Director at Vega Systems, Vice Chair IEEE AI Certification Programme and Chair IEEE P7000 Technology Ethicsstandard

Title of the presentation: An overview of the guidelines for the ethical design of modern systems and services

Ali is currently the Director of R&D and Innovation at Vega Systems. He is an expert in the systems assurance and safety, security, sustainability and knowledge assessment/ management methodologies and has a background in design and development of advanced control systems for business and safety critical industrial applications. Ali is a Visiting Professor at London City University’s Centre for Systems and Control in the School of Engineering & Mathematics and at Beijing Jiaotong University School of Electronics & Information Engineering. He is also a Fellow of Royal Society of Arts (FRSA), Fellow of the UK Institution of Engineering & Technology (IET) and a Senior Member of IEEE.