Christophe Ponsard and Jeremy Grandclaudon, Survey and Guidelines for the Design and Deployment of a Cyber Security Label for SMEs, 4th International Conference, ICISSP 2018, Funchal - Madeira, Portugal, January 22-24, 2018, Revised Selected Papers
Cyber Security risks and attacks are on the rise, especially at the light of the recent events in the geopolitical landscape. Cyber attacks are not longer targeting big organisations such as governments, institutions or global companies. Smaller businesses and even citizens are now also being hit by cyber attacks, either directly or as a result of side effects. At the same time, the regulation and legislative pressure to prevent cyber attacks is increasing, especially in Europe. In order to protect Small and Medium Enterprises (SMEs), different labels, specific standards or practical guidelines are being developed. This papers makes a comparative survey of such initiatives with the aim to initiate such an approach in Belgium in a consistent way with other existing approaches and also to enable longer term convergence with a possible European scheme. Our goal is to reach enough SMEs with a basic level of cyber security and engage them in continuous improvement to keep a sustainable but efficient level of security. At a more practical level, we report about how to set up the overall organisational structures, basic management processes and some supporting tools.