MDIA Logo - Malta Digital Innovation Authority Logo

The Malta Digital Innovation Authority has been designated as the National Cybersecurity Certification Authority (NCCA.MT) in line with Article 58 of the Cybersecurity Act.

Certification as a national certification body for high level assurance and supervision

According to ‘article 58 para. 4 CSA’ both tasks have to be independent and separate. ‘Article 58 para. 7 CSA’ defines the following tasks for an NCCA as supervision authority:

  • supervise and enforce rules included in European cybersecurity certification schemes;
  • monitor compliance with and enforce the obligations of the manufacturers or providers of ICT products, ICT services or ICT processes that are established in their respective territories and that carry out conformity self-assessment;
  • assist and support the national accreditation bodies (NAB) in the monitoring and supervision of the activities of conformity assessment bodies;
  • monitor and supervise the activities of the NCCA certification authority based on the respective certification scheme;
  • monitor relevant developments in the field of cybersecurity certification.

NCCA.MT as national hub in the European certification landscape

NCCA.MT cooperates with the European Commission and other European NCCAs. This includes active participation in the European Cybersecurity Certification Group (ECCG) and the peer review of other NCCAs according to ‘article 59 CSA’.

Every NCCA has to ensure an information exchange on the European level, by for instance, providing an annual summary report on the activities which will be sent to the European Union Agency for Cybersecurity (ENISA) and the ECCG. In addition, the NCCA will notify the accredited CABs for each European cybersecurity certification scheme to the Commission. One year after the entry into force of a European cybersecurity certification scheme those CABs will be listed and published in the Official Journal of the European Union.