Empowering Trust
in Cybersecurity Certification
The EU Common Criteria Information Sharing and Analysis Centre (EUCC ISAC) is an international non-profit association dedicated to fostering collaboration, harmonization, and excellence in cybersecurity certification. By building trust and interoperability, we aim to create a robust market for certified ICT products that address the rapidly evolving technological and threat landscapes, both in Europe and globally.
Our Mission
The EUCC ISAC acts as a central hub for collaboration between public and private stakeholders, ensuring the effective and consistent implementation of the EU Common Criteria (EUCC) certification scheme. It provides essential input to key entities – including the ECCG subgroup for EUCC maintenance (EsEm), the European Commission, ENISA, and Member States – to support the ongoing development and maintenance of the EUCC scheme. We aim to maintain state-of-the-art practices by providing technical interpretations, methodologies, attack quotations, and an up-to-date attack catalogue.
Who We Are
The EUCC ISAC functions as a structured and inclusive platform, comprising Technical Groups that address various technical domains and foster engagement among a diverse range of stakeholders, including:
- National Cybersecurity Certification Authorities (NCCAs)
- Conformity Assessment Bodies (CABs)
- ICT Manufacturers and Providers
- Laboratories and IT Security Evaluation Facilities (ITSEFs)
- End-User Organizations
- Observers or invitees: Non-European certification authorities and consortia
What We Do
Our Values
The EUCC ISAC is founded on a set of core values that promotes trust, cooperation to developp the highest standards in cybersecurity certification.
- Transparency: We uphold inclusive and open processes, ensuring all members have access to information and the opportunity to contribute meaningfully.
- Fairness: Our structure guarantees equal opportunities for participation, fostering balanced contributions from diverse stakeholders.
- Inclusiveness: The ISAC is accessible to a broad range of actors, from small and medium-sized enterprises (SMEs) to large corporations, ensuring diverse perspectives and expertise are represented.
- Consensus-Driven: We prioritize decision-making through agreement, encouraging collaboration and mutual understanding across all members.
- Trust and Confidence: We cultivate a culture of openness and collaboration, where all stakeholders are empowered to contribute to the scheme’s maintenance and evolution in a constructive and transparent manner.
- Accountability: The ISAC adheres to strict antitrust, anti-corruption principles and IP rights policy, with robust mechanisms for addressing complaints, appeals, and ensuring fairness.
News and Events
EUCC ISAC’s Contribution to CSA 2 Public Consultation
Topic: Maintenance Framework and Role of ISACs in European Cybersecurity Certification Schemes The EUCC ISAC is a stakeholder platform bringing together industry experts, National Cybersecurity Certification Authorities (NCCAs), Conformity Assessment Bodies (CABs), and Certification Bodies [...]
EUCC ISAC Software Technical Group – Kick-off Plenary: 3 June 2026
The EUCC ISAC is pleased to announce the official launch of its Software Technical Group on 3 June from 15 to 18 (CET), a new collaborative initiative designed to strengthen the technical foundations of [...]
EUCC ISAC is hiring – Junior Cybersecurity Certification Engineer (CIP – Belgium)
EUCC ISAC is currently recruiting a Junior Cybersecurity Certification Engineer (CIP – Belgium) to support the activities of its Secretariat in Brussels. This position offers a unique opportunity to contribute to the European cybersecurity [...]
Interested in contributing to the EUCC certification ecosystem and collaborating with the EUCC ISAC community?