FERMA calls on European institutions to simplify cyber reporting obligations

FERMA calls on European institutions to streamline cyber incident reporting and address insurance implications.

The Federation of European Risk Management Associations (FERMA) has called on European institutions to simplify cyber reporting requirements and consider the insurance implications of cyber legislation. This appeal follows the release of the Cyber Reporting Stack report, developed in collaboration with WTW, which offers risk managers vital guidance on navigating the landscape of cyber policy and reporting obligations.

The report outlines current and forthcoming regulations, along with incident reporting requirements, featuring the General Data Protection Regulation (GDPR), Network and Information Security (NIS) 2 Directive, the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act (CRA).

Charlotte Hedemark, President of FERMA, highlighted the growing burden of cyber reporting and added that FERMA believes companies need a streamlined and consistent set of requirements for reporting cyber incidents. The report recommends establishing a ‘single point of entry’ for cyber incident notifications and guides EU member states to streamline their processes and participant involvement.

Philippe Cotelle, Chair of FERMA’s Digital Committee, emphasised that there currently need to be regulations specifying the necessary risk management measures or considering their insurance implications.