Czech Business Today
INVESTING IN CYBER SECURITY WILL SAVE COMPANIES BILLIONS OF EUROS. BUT BUSINESSES MUST HAVE THE CAPACITY TO DO IT
The European Union faces a growing risk of cyber threats. Poland, the Baltic and Nordic countries are most affected, but the whole of Europe is being targeted. In response to this threat, the European Commission has introduced two new pieces of legislation: the Cyber Solidarity Act and the Cyber Resilience Act, which aim to strengthen the EU’s resilience to cyber threats.
The EU should be able to defend itself against cyber-attacks, as called for by the European Parliament and the Member States themselves. That is why in 2020, the European Commission presented its cyber strategy, focusing in particular on protecting the internal market and European economic operators. Jan Míča, digital leader of the European Commission Representation in the Czech Republic, described this at a discussion organised by the CEBRE office at the end of June.
Tomáš Minárik, Director of the International Cooperation and European Union Department of the National Office for Cyber and Information Security (NUCSIS), estimates that the resulting package of measures willd be as massive as the GDPR.
“Every 11 seconds, there is a cyber-attack on the internal market of the European Union,” Jan Míča said. The average hacker attack costs around half a million euros, he said.
Prevention is crucial, given the high cost of dealing with cyber-attacks. According to Tomáš Minárik, this should bring savings for the entire economy of 180 and 190 billion euros.
Companies themselves are aware of the need to invest in their protection and preventive measures, said Martina Chitu, deputy director of Deloitte’s cyber security section. “We see a huge interest in advising companies on ensuring their cyber security,” she described.
Within the Czech Republic, the preparedness of larger companies is usually better than that of smaller ones, Chitu pointed out. Most medium-sized companies are forced to hire external staff because they cannot cover cyber security with their financial and personnel capacities. However, it is smaller and medium-sized enterprises targeted by up to 40 per cent of all attacks, according to Astra company.
The two European acts on cybersecurity contain several exemptions to level the playing field for individual businesses and not to place the same demands on companies with a thousand or a dozen employees. The EU also offers financial support to enable smaller companies to secure themselves.
It is the case that companies are often not well-versed in European legislation and do not clearly understand the requirements they have to meet when doing business. However, this applies not only to cyber legislation but also to other European or national regulations. Enterprises are therefore calling for better information and assistance, for example, from the state.