EUCC ISAC
Budget
Not declared
EP Access
0
accredited persons
Staff
1
0.5 FTE
EU Grants
None
Mission & Goals
The EU Common Criteria Information Sharing and Analysis Centre (EUCC ISAC) is an international non-profit association dedicated to fostering collaboration, harmonization, and excellence in cybersecurity certification. By building trust and interoperability, we aim to create The EUCC ISAC acts as a central hub for collaboration between public and private stakeholders, ensuring the effective and consistent implementation of the EU Common Criteria (EUCC) certification scheme. It provides essential input to key entities—including the ECCG subgroup for EUCC maintenance (EsEm), the European Commission, ENISA, and Member States—to support the ongoing development and maintenance of the EUCC scheme. We aim to maintain state-of-the-art practices by providing technical interpretations, methodologies, attack quotations, and an up-to-date attack catalogue. a robust market for certified ICT products that address the rapidly evolving technological and threat landscapes, both in Europe and globally.
EU Legislative Interests
1. Cybersecurity Act (Regulation (EU) 2019/881) Supporting the EU-wide cybersecurity certification framework, under which the EU Common Criteria Certification Scheme (EUCC) was developed Supporting implementation and interpretation of Common Criteria standards (ISO/IEC 15408 and CEM ISO/IEC 18045), and fosters sharing of vulnerabilities as required under the Cybersecurity Act 2. Implementing Regulation on EUCC (Implementing Act EUCC) Comprising EUCC Implementing Act and its future amendments, this regulation governs the roles, structure, and updating process for the EU Common Criteria scheme Assisting ENISA, the European Commission, and the European Cybersecurity Certification Group (ECCG) in maintaining scheme coherence and delivering feedback on supporting “State‑of‑the‑Art” and interpretation documents.
Communication Activities
1. Technical Working Groups EUCC ISAC hosts regular closed-door technical workshops involving accredited certification bodies, evaluation labs, and national cybersecurity authorities to discuss the implementation and evolution of the EUCC scheme, including interpretation of Common Criteria (CC) requirements. 2. EUCC scheme supporting documents The EUCC ISAC edits and/or delivers updated and comments on supporting document ("State-of-the-Art document" and "Interpretation" documents).
Interests Represented
Promotes their own interests or the collective interests of their members
Member Of
N/A
Organisation Members
ANSSI – Agence Nationale de la Sécurité des Systèmes d'Information BSI – Bundesamt für Sicherheit in der Informationstechnik RDI – Rijksinspectie Digitale Infrastructuur CCN - Centro Cryptologico Nacional Red Alert Labs Applus Laboratories Brightsight (by SGS) CEA Leti CLR Labs EDSI (Kudelski Group) Eurosmart Giesecke+Devrient IDEMIA Secure Transactions Infineon Technologies Mastercard NXP Semiconductors Qualcomm Riscure Samsung Electronics SealSQ SERMA Safety & Security SRC STMicroelectronics Thales TrustCB T‑Systems TÜViT (TÜV Nord Group) Winbond
Additional Information
Budget is made of membership fees only.
Commissioner Meetings
No recorded meetings with EU commissioners.