High-risk supplier provisions are key. Position on the EU Cybersecurity Act
We have submitted our position to the Ministry of Digital Affairs regarding the ongoing work on the EU Cybersecurity Act (CSA). In our consultation response, we emphasise that the new regulation should strengthen a common European approach to securing digital infrastructure, with particular importance attached to provisions concerning high-risk suppliers.
In a letter addressed to the Director of the Cybersecurity Department at the Ministry of Digital Affairs, we present our initial comments on the draft proposal. We positively assess the European Commission’s CSA initiative: in our view, EU-level instruments are needed to strengthen cybersecurity across Member States.
At the same time, we stress the importance of maintaining the guidelines stemming from the 5G Toolbox and further developing them within the new regulatory framework. The previous voluntary approach has been implemented unevenly and, in many cases, too slowly, which has limited the effectiveness of coordinated action across the EU.
We pay particular attention to provisions concerning high-risk suppliers. In our view, these should be retained within the CSA as an important instrument for mitigating risks related to the security of telecommunications and digital infrastructure.
At the next stages of the legislative process, we plan to present more detailed recommendations.