Brightsight licensed as EUCC ITSEF by Dutch NCCA

28.05.2025 03:03 PM

All five licensed European laboratories of Brightsight are authorized to perform security evaluations of IT products as independent test labs under the EUCC. 

We are delighted to announce that, following our accreditation by the Dutch Accreditation Council Raad van Accreditatie (RvA), Brightsight is now a licensed as an IT Security Evaluation Facility (ITSEF) under the European Cybersecurity Act (CSA) legislation by the Dutch Authority for Digital Infrastructure Rijksinspectie Digitale Infrastructuur (RDI) in their role as National Cybersecurity Certification Authority (NCCA). This means all five licensed European laboratories of Brightsight (located in Delft, Barcelona, Madrid, Graz, Meyreuil) are authorized to perform security evaluations of IT products as independent test labs under the EU Cybersecurity Certification Scheme on Common Criteria (EUCC) on the highest assurance level for all technical domains.

Receiving authorization from the Dutch NCCA is not only a significant step forward in our commitment to cybersecurity, but also a testimonial to our expertise and dedication to upholding the highest standards in security evaluations. Also, it strengthens Brightsight's position as a trusted and credible provider of security evaluations.

Olaf Tettero
Chief Operations Officer North America and Europe

"We are now officially open for the EUCC evaluations and we are proud to embark on this new chapter. Thanks to the EUCC ITSEF licence, we are fully equipped to play a vital role in ensuring the security and trustworthiness of digital products and systems under the EUCC scheme, and so contributing to a safer online environment for businesses and consumers. On top of that, we can maintain our number one position as a Common Criteria lab. Our strongest asset is offering Common Criteria evaluations in conjunction with other regulations and schemes such as CRA, RED, PCI-SSC and SESIP."

For product manufacturers, achieving the EUCC certification offers significant benefits beyond just a competitive edge from greater market access and increased product trust. It also brings potential for facilitating regulatory compliance, particularly with emerging legislation like the Cyber Resilience Act (CRA) for certain categories of digital products. However, it is not just about market benefits; it's also a strategic move that can help manufacturers anticipate and potentially streamline their compliance obligations with upcoming cybersecurity regulations across the EU.

 

Interested?

Do you want to know how to achieve your product’s compliance? Or do you want to check your product’s implementation and documentation gaps for upcoming regulations and standards? Brightsight can clarify the impact and consequences of these developments on your product. We are eager to leverage our expertise and work collaboratively with stakeholders to build a more secure and resilient digital world. Contact us for more details - our experts are ready to assist you.

Enjoyed this article?

Stay up-to-date with our news, updates and latest developments by following us on LinkedIn.

About Brightsight

Brightsight is a leading global IT security evaluation laboratory, providing comprehensive testing and evaluation services for a wide range of IT products. With decades of experience and a team of expert evaluators, Brightsight is committed to helping customers build digital trust in their products through rigorous and independent security assessments.