Open letter CIO associations to EC to call for digital single market for cloud services that need a high level of assurance
Open letter CIO associations to EC to call for digital single market for cloud services that need a high level of assurance
Beltug, Cigref, VOICE and CIO Platform Nederland are calling upon Commissioner Thierry Breton to take several necessary steps in order to create new market opportunities for highly secure cloud solutions in Europe.
Business users of digital technologies within the European Union nowadays are often confronted with security regulations that they must comply with. Our members support such regulations, considering them as highly important for the protection of their organisations, and to provide the necessary guarantees of data integrity to their customers and their employees.
However, in the current business reality European enterprises often don’t find verifiably adequate solutions provided on the market, or they find solutions that claim to be compliant, but in fact they lack the trustworthiness needed.
Our communities of European business users of digital technologies call upon the European Commission to ensure that by mid-2024 the following steps are taken:
- Requirements for cloud services that need a high level of assurance are available, and uniformly apply throughout the European Union,
- All public administrations and providers of vital services are required to use cloud services that have a high level of assurance, dedicated for their sensitive data,
- A grace-period for compliance with the legal requirements for security as long as no solutions with a high level of assurance are freely available on the market within the European Union.
These steps would benefit:
- the integrity of the Single Digital Market,
- making available in the EU higher security levels in cloud technologies (Trusted Cloud) - especially for processing sensitive data,
- clearer specifications of requirements for providers to adhere to, so they can provide for compliant, secure and affordable solutions in the whole of Europe, and
- the possibility for businesses and public organisations to be compliant with the law, including NIS2 and GDPR.