Empowering Trust
in Cybersecurity Certification
The EU Common Criteria Information Sharing and Analysis Centre (EUCC ISAC) is an international non-profit association dedicated to fostering collaboration, harmonization, and excellence in cybersecurity certification. By building trust and interoperability, we aim to create a robust market for certified ICT products that address the rapidly evolving technological and threat landscapes, both in Europe and globally.
Our Mission
The EUCC ISAC acts as a central hub for collaboration between public and private stakeholders, ensuring the effective and consistent implementation of the EU Common Criteria (EUCC) certification scheme. It provides essential input to key entities – including the ECCG subgroup for EUCC maintenance (EsEm), the European Commission, ENISA, and Member States – to support the ongoing development and maintenance of the EUCC scheme. We aim to maintain state-of-the-art practices by providing technical interpretations, methodologies, attack quotations, and an up-to-date attack catalogue.
Who We Are
The EUCC ISAC functions as a structured and inclusive platform, comprising Technical Groups that address various technical domains and foster engagement among a diverse range of stakeholders, including:
- National Cybersecurity Certification Authorities (NCCAs)
- Conformity Assessment Bodies (CABs)
- ICT Manufacturers and Providers
- Laboratories and IT Security Evaluation Facilities (ITSEFs)
- End-User Organizations
- Observers or invitees: Non-European certification authorities and consortia
What We Do
Our Values
The EUCC ISAC is founded on a set of core values that promotes trust, cooperation to developp the highest standards in cybersecurity certification.
- Transparency: We uphold inclusive and open processes, ensuring all members have access to information and the opportunity to contribute meaningfully.
- Fairness: Our structure guarantees equal opportunities for participation, fostering balanced contributions from diverse stakeholders.
- Inclusiveness: The ISAC is accessible to a broad range of actors, from small and medium-sized enterprises (SMEs) to large corporations, ensuring diverse perspectives and expertise are represented.
- Consensus-Driven: We prioritize decision-making through agreement, encouraging collaboration and mutual understanding across all members.
- Trust and Confidence: We cultivate a culture of openness and collaboration, where all stakeholders are empowered to contribute to the scheme’s maintenance and evolution in a constructive and transparent manner.
- Accountability: The ISAC adheres to strict antitrust, anti-corruption principles and IP rights policy, with robust mechanisms for addressing complaints, appeals, and ensuring fairness.
News and Events
EUCC ISAC Software Technical Domain – Call for volunteers
Call for Volunteers The EUCC ISAC Software Technical Group is launching its activities and invites volunteers to participate in its activities that will be operated through subgroups. The Technical Group focuses on evolving methods and [...]
Invitation to EsEm Members
EUCC ISAC & EsEm Members’ Meeting EsEm members are warmly invited to participate in the joint EUCC ISAC & EsEm Members’ Meeting, taking place during the EUCC ISAC 1st General Assembly meeting in Brussels [...]
EUCC ISAC’s Contribution to CSA 2 Public Consultation
Topic: Maintenance Framework and Role of ISACs in European Cybersecurity Certification Schemes The EUCC ISAC is a stakeholder platform bringing together industry experts, National Cybersecurity Certification Authorities (NCCAs), Conformity Assessment Bodies (CABs), and Certification Bodies [...]
Interested in contributing to the EUCC certification ecosystem and collaborating with the EUCC ISAC community?