Managed services in the EU are to be certified by ENISA in an attempt to standardize and increase cybersecurity standards to boost trust in digital infrastructure.

The EU Agency for Cybersecurity (ENISA) has stated that it is gearing towards establishing a certification scheme of Managed Security Services (MSS) as they are increasingly becoming important in all industries. Many public and private organizations have increasingly turned to managed services to protect their activities as cyber threats get sophisticated.

In April 2025, the European Commission formally requested ENISA to develop a candidate certification scheme in the hopes of harmonizing various member states standards. The plan will handle resource inconsistency and increase confidence in the service provision by diagramming requirements, which are clear and service-oriented.

ENISA Executive Director Juhan Lepassaar stressed that to create an effective unified EU Cybersecurity Reserve, managed services have to be certified. This step also enhances confidence in the digital services and makes it easier to choose the providers one can trust.

The certification system will be comprised of horizontal standards for all MSS and vertical profiles that deal with specific types of services. The incident management lifecycle will be the first area of concern.

In its support of development, ENISA is welcoming cybersecurity experts to form an Ad Hoc Working Group. They will make a difference in what will define certified managed services in the EU.