Home » News » The new Cybersecurity Label creating a clearer path to better cybersecurity for European SMEs.

The new Cybersecurity Label creating a clearer path to better cybersecurity for European SMEs.

Companies are nowadays experiencing cyber-attacks on a daily basis. A cyber-attack can cost them on average €25,000. Smaller businesses are often targeted and hit harder, suffering repeat attacks which can lead to damaged reputations and potential closure. Despite this, cybersecurity is still often an after-thought for many small businesses, with only half of European SMEs (Small and Medium Enterprise) investing adequately to address the issue.

Help though is at hand, as this week sees the launch of a brand-new Cybersecurity Label. The Label targets Europe’s small businesses, especially start-ups and micro-SMEs that are approaching the IT security assurance landscape for the very first time. Created in a partnership between SGS, the global leading testing, inspection and certification companies, and the EC-funded initiative cyberwatching.eu, the Cybersecurity Label represents an important first step for small-sized companies to understand their current cybersecurity weaknesses. This means that they are better informed on their current status, how to act to improve their cybersecurity posture and potentially explore the benefits of certification.

With the EU Cybersecurity Act coming into force less than a year ago to provide an EU-wide harmonised framework to certify ICT products and services, cybersecurity certification can be a market differentiator for businesses. Certifications can help companies act with confidence and assure their customers and partners of their ability to defend themselves from cyberattacks and data breaches. However, for an SME, micro-enterprise or start-up, taking the first steps to certification can be both complex and daunting.

Lucio González Jiménez, CyberLab Madrid Manager at SGS and member of the author-team behind the tool explains:

With so many standards, schemes and methodologies around, the landscape can be confusing. The Cybersecurity Label is a robust but lightweight first step for small businesses carry out a self-assessment to understand where their weaknesses and priorities lie. You can’t run if you can’t walk. Businesses need to carefully analyse their cybersecurity posture. It is a vital step in understanding the critical assets a company should protect to run its business, which assets are critical for customers, and to diligently assess all processes and procedures.

The Cybersecurity Label is an online tool which is organised into a simple online questionnaire. Responses are evaluated according to 8 domains which are the starting point of the general process of certification. This covers requirements in fields such as software, protocols, services, hardware, infrastructure, security policy, external providers and critical business products.

Nick Ferguson, Senior project manager at Trust-IT Services and coordinator of the cyberwatching.eu project which has funded and created the tool adds.

The label is unique in helping companies to carry out a self-assessment which is built on relevant parts of key standards such as ISO 27001, 22301 and the NIST directive. It is essential to help a small business assimilate clear concepts and smooth the path to further action. In the long-term, companies can save time, money and avoid frustration in their journey to either enable certification or improve compliance to regulations.​

The Label will be sustained by cyberwatching.eu and its consortium partners which include the Spanish cybersecurity cluster AEI. It will become one of the key assets of the Spanish Cybersecurity Innovation Hub CyberDIH. It is set up to support SMEs and is part of a broad EU-wide network of national hubs. Marina Ramírez Jiménez, AEI explains.

We’re very excited about the launch of the label and its value not only to European SMEs, but also to the whole ecosystem in terms of helping companies to improve their cybersecurity posture. This is key to creating a trusted digital economy in Europe and can be a vital asset for our network of SMEs that are part of the cybersecurity innovation hub.

The label was launched earlier this week at the cyberwatching.eu Concertation Meeting which saw European cybersecurity experts from research, policy and business worlds come together.

To access the Cybersecurity Label visit: http://gtt.cyberwatching.eu/Pages/Home.aspx

For more information about cyberwatching.eu visit cyberwatching.eu.


Have you ever received an SMS to your smartphone that asked you to follow a link for more information? It could be a delivery notice from an online store or postal service, or a notification of a new voicemail. Maybe the SMS seemed a bit off, and you might have wondered whether you should click the link or not. But you wanted to know where your parcel is or who left a message, so you went on and clicked it anyway.

Future Events

Final conference showcasing SECREDAS results on improving security, safety and privacy of autonomous driving

The SECREDAS project, a collaboration of over 70 organisations, is nearing its completion. Over the past three years, our experts in security, safety and privacy domains jointly worked to develop integrated security, safety and privacy solutions for autonomous driving.

09/10/2021 to 22/10/2021

Registration for the EuroCybersec2021 Workshop is open!
The workshop will take place on 25-26. October 2021, in-person in Nice, France and virtual.

Join us and find out what is latest in research for the security of the IoT!

For detailed program and registration please visit https://iotac.eu/register-eurocybersec2021-workshop/!



25/10/2021 to 26/10/2021