and that the data used will not be stored in Gcloud, AWS etc.
Interesting question, if you mean even studies or equipment used for the
development of the infrastructure shall not rely on non-EU CSPs, the
text specifies that projects must demonstrate
'that the network technologies and equipment (including software and services) funded comply with the conditions [...]
indicate that
no security sensitive equipment or services deployed or used within the proposal will be procured from third country suppliers - footnote
According to the EU coordinated risk assessment, the risk profiles of individual suppliers can be assessed based on several factors. These factors include the likelihood of interference from a third country.'
A footnote further even concedes that this kind of assessment would
even apply to MNOs who rely on third parties to perform maintenance and
upgrade of networks. We
are thinking of the US providers, but the EP Rapporteur on the NIS 2
did laud this initiative by highlighting that the DNS4EU is the only way
to create a protective shield from attacks from other world regions,
giving Russia and N Korea as examples.
Would anybody know which stakeholders have the capacity to apply for this call?
Anastasia