To tackle the rising cyber threats in Europe, DIGITAL SME has launched an initiative helping SMEs navigate the cyber landscape and match  the demand for cybersecurity expertise.

SME ISAC plays a pivotal role in pushing forward this agenda, operating as an inclusive community for experts from both the private and public sectors to share knowledge, resources, and enhance their visibility.


Cybersecurity is paramount for European SMEs as they navigate an increasingly digitized business landscape.

It is now seen as a core business requirement for tech SMEs, as their relatively smaller size turns them into attractive targets for cybercriminals.

DIGITAL SME works with both legislators and companies to ensure that European legislation is suitable for the market and that resources are available to help SMEs protect themselves.

Working Group Cybersecurity and Data Protection

Connecting European cybersecurity experts to SMEs to shape, share, and collaborate on European policies. It leverages the SMEs’ perspectives and experiences to the attention of EU policymakers and stakeholders.

Through members´ expertise, the group also develops standards and practical guidelines for easier SME access to selected relevant offers.


Services and tools on Cybersecurity for SMEs

The European Federation of Data-Driven Innovation Hubs aims to consolidate as the European reference for data-driven innovation and experimentation, fostering collaboration between data-driven initiatives in Europe, federating solutions in a global common catalogue of data services, and sharing data on a cross-border and cross-sector basis.

To serve as a reference to establishing the Common European Data Spaces, the federation is initially composed of 12 DIHs, covering 10 countries and 12 different regions. It plans to increase the geographical coverage by incorporating other relevant initiatives in the upcoming months.

FLUIDOS will leverage the enormous, unused processing capacity at the edge, scattered across heterogeneous edge devices that struggle to integrate and to form a seamless computing continuum coherently.

The objectives:

  1. Fluidify the edge and unify it with the cloud through a borderless, decentralised continuum leveraging automatic, autonomous resource discovery and integration
  2. Move the gravity outside the data centre, creating a cross-provider, community-based computing and service fabric leveraging open-source software
  3. Orchestrate services and hyper-distributed applications in a continuous, automated fashion over multiple devices and domains, leveraging energy-efficient AI learning algorithms and training for mobility/behaviour prediction and traffic forecasting
  4. Introduce a Zero Trust paradigm aimed at securing the access of geographically scattered resources in an authenticated, authorised manner
  5. Enable the emergence of a multi-stakeholder market of edge services and apps, independent from cloud providers and crucial to ensuring European digital autonomy

Relevant Publications

DIGITAL SME calls for policymakers to bear in mind the additional costs generated by new binding horizontal requirements, especially for SMEs.

The Position Paper highlights the need for proportionality and sufficient guidance in order for SMEs to effectively implement provisions under the Cyber Resilience Act.

Read more

The report indicates an in-depth rise of ransomware attacks (from 112 in 2022 to 175 in 2023), followed by phishing campaigns carried out in the same yearly timeframe.

Divided in four total quarters, the ongoing year has faced a steady peak of attacks already in Q1, where 7,772 new Common Vulnerabilities and Exposures (CVEs) were published, underscoring once again the ever evolving and dynamic nature of cyber vulnerabilities.

Read more

This position paper argues that an efficient eIDAS regulation is needed to scale up electronic identification technologies that can effectively support electronic
transactions, including remote working.

A new trust service for online identification could expand the benefits brought by eIDAS trust services to SMEs, enabling them to develop new value-added services.

Read more

DIGITAL SME examines the intersection between standards and certification schemes from the perspective of SMEs.

As standards and technical specifications will likely play an important role in defining the cybersecurity requirements in the schemes, it is important to examine whether the current standardisation frameworks and the available standards in cybersecurity are fit
for SMEs.

Read more

European policymakers, citizens, and businesses are confronted with the opportunity to shape the digital transformation of society and the economy.

Shaping this transformation requires autonomy and choice. To reflect this need, policymakers have shaped the term ‘digital sovereignty’, which this document will elaborate on. How can we define a way forward for Europe’s digital sovereignty?

This White Paper outlines some suggestions as the basis for a critical discussion.

Read more

With the adoption of the proposal for a revised Directive on the Security of Network and Information Systems (NIS2 D), the European Commission wishes to extend some aspects of the NIS Directive and to harmonise its application further throughout the EU.

DIGITAL SME generally welcomes the clarifications and revisions that have been made to the Directive. As noted in previous stances, DIGITAL SME was in favour of the efforts to strengthen the harmonisation of the Digital Single Market but remained wary of the negative impact that varying implementations between Member States could have on the level playing field and spread of cyber-threats across borders.

Read more

Certificates and Guides

This Guide was developed by the DIGITAL SME “WG27K” working group. The WG27K is made up of experts familiar with standardisation issues for information security management system and they fully understand SMEs’ needs in this field.

These experts were proposed by SME organisations from different EU countries and their selection was based on their competencies, to ensure the group’s compositional diversity.

For EN versionFor FR versionFor EL version

European companies are highly qualified global leaders in GDPR-compliant cybersecurity solutions. To boost their visibility and recognition on the European level and beyond, the European Cyber Security Organisation (ECSO) has initiated the CYBERSECURITY MADE IN EUROPE label.

DIGITAL SME is the only Europe-wide organisation issuing the Label.

For more
Contact Us