ENISA supports development of EU guidelines for cyber insurance industry

According to the European Network and Information Security Agency (ENISA), the European Union's approach must be adapted to the growing rate of private-sector insurance against cyber-incidents. The agency wants the EU and national authorities to agree on the criteria for which damage should be covered by insurance providers and recommends that European Commission takes part in the establishment of guidelines for insurance companies, including an outline of how they should assess individual companies' cybersecurity risks. According to ENISA, EU authorities should also set up a centralised database of cybersecurity incidents so companies can compare information about hacking attacks in different industries, which should help them to understand the nature of threats faced by individual sectors.

ENISA is encouraging more companies to adopt cyber insurance policies as a measure that could help them to respond to serious cyber attacks (such as the various ransomware strains that caused massive damage in 2017) more effectively and mitigate resulting economic harm. ENISA, whose role has been strengthened by the current European cyber security strategy, is also dealing with the creation of a new European certification framework which will ensure that ICT products and services are safe to use.

About author: Roman Šulc

Partners

Tento web používá k analýze návštěvnosti soubory cookie. Používáním tohoto webu s tím souhlasíte. Další informace