During the two days, the project introduced the EU-SEC Framework for efficient and trustworthy Cloud Security Certification emphasing the With the EU-SEC Multi-Party Recognition Framework (MPRF) and the EU-SEC Continuous Auditing Certification (CABC) approach. While MPRF allows an efficient certification process exactly when several certification schemes are in scope, the CABC provides a foundation for trustworthy certification, especially for critical application areas such as finance or health sector. 

At both workshops, interested users from the industry, auditors from the cloud security sector as well as regulators discussed with the partners from the EU-SEC project. In particular, the great potential of EU-SEC framework in context of harmonized European certification landscape in the sense of a European Digital Single market as well as the EU Cybersecurity Act was emphasised. 

Jürgen Großmann, Coordinator of the EU-SEC project, stressed the importance of “EU-SEC Continuous Auditing Based Certification” as part of the recommendation of the CSPCert for the certification of cloud security in the European Union.

Following the workshop, How To Guidelines have been published for cloud stakeholders wishing to learn more about the two innovations.