Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Recital 56 Small and medium-sized enterprises

Member States should, in their national cybersecurity strategies means a coherent framework of a Member State providing strategic objectives and priorities in the area of cybersecurity and the governance to achieve them in that Member State;, address the specific cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; needs of small and medium-sized enterprises. Small and medium-sized enterprises represent, across the Union, a large percentage of the industrial and business market and often struggle to adapt to new business practices in a more connected world and to the digital environment, with employees working from home and business increasingly being conducted online. Some small and medium-sized enterprises face specific cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; challenges such as low cyber-awareness, a lack of remote IT security, the high cost of cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; solutions and an increased level of threat, such as ransomware, for which they should receive guidance and assistance. Small and medium-sized enterprises are increasingly becoming the target of supply chain attacks due to their less rigorous cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; risk-management measures and attack management, and the fact that they have limited security resources. Such supply chain attacks not only have an impact on small and medium-sized enterprises and their operations in isolation but can also have a cascading effect on larger attacks on entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; to which they provided supplies. Member States should, through their national cybersecurity strategies means a coherent framework of a Member State providing strategic objectives and priorities in the area of cybersecurity and the governance to achieve them in that Member State;, help small and medium-sized enterprises to address the challenges faced in their supply chains. Member States should have a point of contact for small and medium-sized enterprises at national or regional level, which either provides guidance and assistance to small and medium-sized enterprises or directs them to the appropriate bodies for guidance and assistance with regard to cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; related issues. Member States are also encouraged to offer services such as website configuration and logging enabling to microenterprises and small enterprises that lack those capabilities.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod