This Tuesday (13-03-2019) the European Parliament has approved the adoption of new norms to implement a certification system for Cybersecurity in the European Union. This system, aptly named Cybersecurity act, aims to guarantee that products and services sold on the European market will satisfy a certain standard for security requirements. A concern towards increased risks of Chinese intrusion in the European network was also expressed.
The norm has passed with 586 votes in favor, 44 votes against and 36 holdouts. On the same sitting an unofficial resolution was approved, by show of hands, by which the parliament agreed to increase the frequency of checks on products of Chinese origin which are in any way related to the telecommunications industry.
This concern for Chinese presence in the European network is especially high regarding the contracts for the construction of a 5G grid. It seems that Chinese infrastructures might secretly have a backdoor, which would allow them to have remote access to sensitive data of European citizens, businesses and institutions.
Hence the deputes have requested to the European Commission to find viable solutions to face the potential vulnerabilities in the infrastructure for the 5G network. The proposed solutions range from introducing contracts which would separate the construction in different phases, each supervised by a different contractor, to working out a strategy to reduce the European dependence on other countries in topics regarding Cybersecurity.
In the meantime, the European Network and Information Security Agency (ENISA), the agency which is tasked with certifying the products sold in the EU, will receive more funding and human resources to guarantee a higher quantity, but more importantly a higher quality of the product checks. Moreover some emphasis was given to intensifying the cooperation on topics of Cybersecurity between the member states of the EU.