Towards a Cyber Security Label for SMEs : a European Perspective

Most SMEs underestimate or minimize the cyber security risks they have to face. Moreover, they are not aware that the security context is changing rapidly at different levels. At legislative level, new reference frameworks are created such as the GDPR. At normative level, security standards are evolving and increasingly required. At technical level, threats and technologies are progressing in parallel making security control and management a complex task. This position paper presents our approach and current progress in developing a cyber security label for SMEs supported by accredited third party companies expert in this field. The pursued goal is to raise the awareness of SMEs w.r.t. cyber security and to help them achieving and maintaining an adequate level of protection. We position our work in the landscape of existing frameworks and similar labelling initiatives developed in other European countries.

Voir en ligne : http://www.icissp.org/