FERMA’s views on the EU’s Cyber Resilience Act initiative: The need for a risk-based global approach

On 25 May, FERMA submitted its response to the European Commission’s public consultation on a Cyber Resilience Act (CRA), which aims to set a standard for the cybersecurity of digital goods and ancillary services in the EU.

Cyber risk management is a top priority for companies, and it has grown in importance in recent years. For instance, when FERMA surveyed European risk managers in 2018, 37% of the respondents identified cyber threats as the most critical to their organisation. This figure rose to 63% in 2022, according to our last European Risk Manager survey.

 

Download the position paper HERE

FERMA welcomes the European Commission’s initiative that seeks to harmonize practices at EU level and provide clear benchmarks on cyber security.

FERMA recommends that the European Commission put in place horizontal legislation for the CRA, involving the implementation of a common regulatory approach. It will be applicable to all categories and risk profiles of ICT products in order to guarantee the functioning and harmonisation of the Internal Market. This will ensure a certain level playing field and the development of the Digital Single Market.

FERMA also emphasizes the importance of ensuring proportionality in the future CRA to guarantee fair competition, for instance by allowing self-assessment at a certain level of nature, scale and complexity of organisation (i.e. SMEs).

A transitional period in any form of EU intervention should also be foreseen for companies to adapt, given the quick evolution of cyber risks and threats.

Still, FERMA believes that the CRA is only a brick in the wall of cyber resilience in the EU. Therefore, FERMA calls on the European Commission to foster a global risk management approach to cyber resilience encompassing the identification, assessment and treatment of cyber risks. This global approach could draw upon FERMA’s work in the area of cyber risk governance.

FERMA has been an active contributor to the EU’s Digital Agenda for many years. In addition to the publication on cyber risk governance with ECIIA, FERMA has also produced a report on cyber insurance (here), a guide on AI in risk management (here), and has held multiple webinars on the topic including one on the GDPR (here). 

 

Contact us:

  • For content: charles.low@ferma.eu
  • For media: Typhaine.beauperin@ferma.eu
