In this highly digitalized era, cloud computing offers immense benefits to a wide range of industries. It reduces storage costs while at the same time increasing storage capacity, and it is flexible enough to adapt to any business environment. According to Gartner, the cloud services market is expected to grow by 6.3% in 2020 to a total of $257.9 billion.
Despite its undeniable advantages in business (and outside of it), cloud computing still faces many challenges, such as Management capabilities, Data protection, Regulatory and compliance restrictions, Data recovery and availability, and more.
ENISA has commenced preparation of a unified cloud certification (EUCS) under the EU Cybersecurity Act. By developing a joint and coordinated effort on a European level, the cloud computing industry could be completely transformed. New providers would emerge on the market, production, efficiency, and performance would increase, and the client base would be infinitely more satisfied with the amount of standardized, reliable products at their disposal.
If you wish to get preparation hints or learn more about certifications of your cloud computing systems and services, get in touch with us today EU Cloud Scheme experts.
Fragmentation of the Cloud Computing Industry
Currently, cloud computing products and services in France and Germany have to obtain two specific certifications to be accepted across the entirety of the EU: the SecNumCloud and the Compliance Controls Catalogue (C5). A problem arises because these two certification processes seem to be at odds with each other.
A widely accepted solution that would bring forth a host of other benefits and lower the fragmentation of the cloud computing industry is a unified certification under the EU Cybersecurity Act prepared by ENISA and certification stakeholders. All EU Member States would accept this single certification and would greatly aid the cloud computing market as it stands today.
Benefits of a Single Certification Scheme
1. Cost Reduction
In order to comply with different rules and a multitude of tests, all EU cloud computing companies must cover a total estimated yearly cost of €1.2 billion. This is anywhere between 2 and 10% of these companies’ annual spending. By introducing a single certification process, the EU public sector alone would save around €1.1 billion per year.
2. Shorter Certification Time
The current audit and testing processes required for certification last around 7 - 9 months. This time would be shortened to only 4 to 6 months in the future, with the help of ENISA (the European Network and Information Security Agency).
3. Improved Client Trust
Given the current discrepancies between different standards and schemes, end-users (for example, the banking sector) cannot effectively compare and decide which standard is best suited for their needs. As a result, the end-users’ (clients’) trust in cloud computing services and products is greatly diminished.
4. Increased Market Competition
Bigger competition among suppliers leads to a broader choice of products and services. Clients would no longer need to depend solely on one cloud system provider. They would have the opportunity to choose between different options until they find one that works best for them.
5. Lower R&D Expenses
Participating in standardization lowers the economic risk, but it also reduces R&D costs. Cloud system providers don’t have to waste money on research if the results of already-standardized work are widely available.
By developing a joint and coordinated effort on a European level, the cloud computing industry could be completely transformed. New providers would emerge on the market, production, efficiency, and performance would increase, and the client base would be infinitely more satisfied with the amount of standardized, reliable products at their disposal.