Skip to main content

The European Security Certification Framework

Objective

In recent years the ICT market has evolved toward a cloud-based approach. This shift together with the rapidly changing legal and regulatory landscape has heavily impacted security assurance, governance and compliance. The information security market players have tried to provide suitable solutions to cope with issues such as i) lack of means to provide higher level of assurance (e.g continuous monitoring and auditing), ii) privacy not adequately taken into account, iii) limited transparency and iv) lack of means to streamline risk management and compliance. In the certification space this has resulted in the creation of several schemas creating an additional problem, i.e. the proliferation of certification scheme. The project EU-SEC will improve the effectiveness and efficiency of existing approaches for assurance and compliance. The EU-SEC aims to create a framework under which existing, certification and assurance approaches can co-exist. The three core ideas behind the EU-SEC project are that an effective and efficient approach to trust, assurance and compliance has to: (1) balance the need of nations and business sectors to develop their specific certification schemas with the need of CSPs to reduce compliance costs (2) avoid that humans (auditors) do activities that can be performed by machines (e.g. collecting data) (3) make sure that accurate and reliable evidences/information are provided to relevant people, in a timely fashion, leveraging as much as possible automatic means. The EU-SEC framework will equip stakeholders in the ICT security ecosystem with a validated governance structure, a reference architecture, and the corresponding set of tools to improve the efficiency and effectiveness of their current approach to security governance, risks management, assurance and compliance. The EU-SEC aims to enhancing trustworthiness and transparency in the ICT supply chain through business cases developed and piloted by industrial partners.

Field of science

  • /social sciences/economics and business/business and management/commerce
  • /social sciences/sociology/governance/crisis management
  • /social sciences/economics and business
  • /social sciences/sociology/governance

Call for proposal

H2020-DS-LEIT-2016
See other projects for this call

Funding Scheme

IA - Innovation action

Coordinator

FRAUNHOFER GESELLSCHAFT ZUR FOERDERUNG DER ANGEWANDTEN FORSCHUNG E.V.
Address
Hansastrasse 27C
80686 Munchen
Germany
Activity type
Research Organisations
EU contribution
€ 893 450

Participants (8)

CLOUD SECURITY ALLIANCE (EUROPE) LBG
United Kingdom
EU contribution
€ 929 375
Address
Melville Street 34
EH3 7A Edinburgh
Activity type
Other
SIXSQ SARL
Switzerland
EU contribution
€ 0
Address
Avenue De France 6
1202 Geneve
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
NIXU OYJ
Finland
EU contribution
€ 406 875
Address
Keilaranta 15 B
02150 Espoo
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
PRICEWATERHOUSECOOPERS AKTIENGESELLSCHAFT WIRTSCHAFTSPRUFUNGSGESELLSCHAFT
Germany
EU contribution
€ 89 250
Address
Friedrich-ebert-anlage 35-37
60327 Frankfurt Am Main
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
MINISTRSTVO ZA JAVNO UPRAVO
Slovenia
EU contribution
€ 165 625
Address
Trzaska Cesta 21
1000 Ljubljana
Activity type
Public bodies (excluding Research Organisations and Secondary or Higher Education Establishments)
MINISTERSTVO FINANCII SLOVENSKEJ REPUBLIKY
Slovakia
EU contribution
€ 155 625
Address
Stefanovicova 5
81782 Bratislava
Activity type
Public bodies (excluding Research Organisations and Secondary or Higher Education Establishments)
FABASOFT R&D GMBH
Austria
EU contribution
€ 174 737,50
Address
Honauerstrasse 4
4020 Linz
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
CAIXABANK SA
Spain
EU contribution
€ 182 875
Address
Avenida Diagonal 621
08028 Barcelona
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)