The current political situation in Europe requires increased spending on cybersecurity, which may be manifested by tight systems of rigorous IT product certifications. Each center authorized to issue them costs money – as does the entire process of going through the testing procedures. However, this seems to be a small price to pay when compared to the possible threats.
NASK National Research Institute has become part of the European cybersecurity certification system. It has the right to issue a confirmation of the Common Criteria standard (ISO 15408), i.e. an international cybersecurity standard. Polish entrepreneurs can therefore apply for product verification in the country, instead of with foreign partners.
NASK National Research Institute is an organization operating since 1991 directly subordinated to the Chancellery of the Prime Minister. It is responsible for state cyber security, servicing .pl and .gov.pl domains, as well as being part of the national system Computer Security Incident Response Team whether it supports the development of the mObywatel service. On January 20, 2023, NASK joined the group of entities certifying the Common Criteria standard within SOG-IS MRA associating 15 European Union countries, Norway and Great Britain (more precisely: Austria, Belgium, Croatia, Denmark, Estonia, Finland, France, Germany, Italy, the Netherlands, Luxembourg, Norway, Poland, Slovakia, Spain, Sweden and Great Britain).
Cybersecurity certificates issued for ICT products (information and communication technologies) by NASK will be recognized in a large number of countries considered important IT markets. In Polish law, the Common Criteria standard was adopted as a standard PN-EN ISO/IEC 15408. NASK’s ability to independently issue international cybersecurity certificates for ICT products can be considered a success for three reasons (taking into account the growing EU cybersecurity requirements). Firstly, it proves that the entity meets high criteria. Secondly, the certification process will be able to take place in the country, which will reduce the costs of introducing innovations to the market. Thirdly, it is a step towards digital independence or sovereignty (understood as the ability to act independently, not isolation). It should be added that NASK is the only institution authorized to issue certificates within the aforementioned network.
Source: NASK – National Research Institute