EU working on cybersecurity standards to boost risk management

A speaker from the European Union Agency for Cybersecurity told delegates at the Ferma Forum that it is developing cybersecurity standards that can be scaled to fit small and midsize enterprises and will help improve cyber risk management across Europe and within supply chains.

Hosting a session on day two of the meeting in Copenhagen, Ferma Vice President Philippe Cotelle said he wants to see a “reference” cyber standard for EU SMEs that struggle to come up with their own cybersecurity policy.

He said there is a lot of concern across Europe that SMEs don’t have adequate cyber risk management in place or take out insurance to cover losses.

“So I think we should have reference standards appropriate for SMEs that would be a real target for them to know what they should do to implement cybersecurity. If we do that, then insurers will also be happier to insure them. So we would have better cyber protection and cyber risk management across Europe,” said Mr. Cotelle, who is also head of cyber insurance and head of insurance risk management at Airbus Defence & Space.

He said it would far better for the EU to come up with its own cybersecurity standards rather than wait for the United States, for example, to impose its set of requirements on European companies active in the country.

Commercial Risk Europe is a sister publication of Business Insurance. More stories from CRE here.