The European Cyber Security Organisation (ECSO) hosted a meeting in their offices on Thursday, 21 November 2024, with key cybersecurity players to present the latest analysis on Streamlining Regulatory Obligations of EU Cybersecurity Policies. Among the attendees, ECSO welcomed a select number of leading European cybersecurity companies of all sizes, CISOs, associations, EU Institutions, and representatives of the EU Member States permanent representations.
From left to right: Nikolett Gagyi (Permanent Representation of Hungary to the EU), Paulina Gorska (Kościuszko Institute), Marietta Gieroń (Kościuszko Institute).
Many companies in the EU are facing difficulties in understanding the complex, sometimes overlapping requirements of existing and upcoming EU cybersecurity regulations. A common challenge is the need to report cybersecurity incidents to multiple authorities, such as those under NIS2, CRA, and GDPR. This issue is even more pronounced for SMEs (Small and Medium Enterprises), which are disproportionately affected due to limited resources for tracking policy developments and preparing accordingly.
The meeting comes at a time when enhancing the competitiveness of European companies is a key priority for the upcoming European Commission, as highlighted in the recently published Draghi Report. Additionally, discussions on reducing compliance burden for companies affected by cybersecurity policies will be an important item of Poland’s upcoming EU presidency.
From left to right: Sebastijan Čutura (European Cyber Security Organisation), Matteo Molé (European Cyber Security Organisation).
The desk analysis conducted by ECSO and the Kościuszko Institute determined the main challenges for compliance, and was further enriched by a Europe-wide survey gathering insights from cybersecurity practitioners from all sectors. Based on first-hand experiences of the current challenges, ECSO elaborated a series of action points to initiate the streamlining of regulatory obligations of EU Cybersecurity Policies. Serving as input for further discussions on the regulatory landscape, the outcomes of this analysis were presented to the Hungarian Presidency and will be officially submitted to the Polish Presidency, set to begin in January 2025.
About the ECSO Policy Analysis and Outreach Stream
The ECSO Policy Analysis and Outreach Stream delivers in-depth policy analysis to ECSO Members, helping them decode and act upon key European cybersecurity developments. The initiative involves close collaboration with EU policymakers and the integration of insights from both public and private sectors. By engaging with European and international stakeholders, it promotes meaningful dialogue for a structured, dynamic European cybersecurity landscape.
Cristian Michael Tracci
Senior Manager for Policy Analysis and Outreach
