Many companies in the EU are facing difficulties in understanding the complex, sometimes overlapping requirements of existing and upcoming EU cybersecurity regulations.

A common challenge is the need to report cybersecurity incidents to multiple authorities, such as those under NIS2, CRA, and GDPR. This issue is even more pronounced for SMEs (Small and Medium Enterprises), which are disproportionately affected due to limited resources for tracking policy developments and preparing accordingly.

This presentation comes at the time when enhancing the competitiveness of European companies is a key priority for the upcoming European Commission, as highlighted in the recently published Draghi Report.

ECSO conducted a desk analysis, enhanced by a Europe-wide survey, to determ ...