Written by Mar Negreiro (1st edition).
Managed security services are services carrying out or providing assistance for activities relating to customers’ cybersecurity risk management. They are gaining increasing importance in the prevention and mitigation of cybersecurity incidents. Yet they were not included in the scope of the EU cybersecurity certification framework within the Cybersecurity Act from 2019. As some Member States have begun adopting certification schemes for managed security services that are divergent or inconsistent, there is a need to avoid fragmentation in the internal market. The present proposal therefore includes targeted amendments to the scope of the Cybersecurity Act, seeking to enable managed security services schemes by means of Commission implementing acts.
In Parliament, the file has been assigned to the Committee on Industry, Research and Energy (ITRE), where the rapporteur published her report on 7 September 2023. The amendments tabled in the ITRE committee were published on 21 September 2023. The vote in committee is scheduled for 25 October 2023.
- October 2023: Managed security services (1st edition)
|Regulation amending Regulation (EU) 2019/881 as regards managed security services|
|Committees responsible:||Industry, Research and Energy (ITRE)||COM(2023)0208|
|Rapporteur:||Josianne Cutajar (S&D, Malta)||2023/0108(COD)|
|Shadow rapporteurs:||Angelika Niebler (EPP, Germany)|
Bart Groothuis (Renew, the Netherlands)
Ville Niinistö (Greens/EFA, Finland)
Evzen Tošenovský (ECR, Czechia)
|Ordinary legislative |
(Parliament and Council
on equal footing –
|Next steps expected:||Vote in committee on draft report|