In response to the increasing cyber threats that European SMEs face, DIGITAL SME has created the first European Information and Sharing Centre intended to support SMEs with cybersecurity, regardless of sector. This group, open to all, shares cybersecurity information and best practices, helps SMEs with compliance, develops resources and tools for companies and brings together a strong expert community from SMEs. Join the group to access the resources, help develop new tools and stay up to date with the latest information on cyber threats, compliance needs and SME support mechanisms, including funding.
As the digital realm confronted a surge of ransomware attacks in the first quarter of 2023, totaling 36 identified gangs, a staggering revelation emerged: SMEs constituted 87% of affected companies.
*Source: "The Ransomware Landscape in Europe" report
CHAIR
University of St. Gallen
MEMBERS
Davide Giribaldi, Swiss Cyber Com SA
Giulia Lansarotti, Muscope Cybersecurity Srl
Patricia Shields, Cyber Cert Labs
Dusko Rodic, Advanced Cybersecurity
Anthony Senter, ATOMNIA,
David Mai, IDEMIA
Oliver Morbach, Exponential World
COORDINATOR
The Cyber Resilience Act covers a wide range of products - use our tools to find out if yours is in scope.
The NIS2 replaces the original NIS Directive, bringing stronger cybersecurity controls and targetting more sectors, to ensure that Europe's critical infrastructure is cybersecure.
For more information on compliance, check out our CRA and NIS2 hubs:
Cybersecurity Insurance for SMEs: the essentials
Cyber insurance is a vital risk management tool for SMEs, covering non-physical damage resulting from a cyber attack. Understanding your policy is crucial, as coverage is often contingent on your business’s existing security posture.
NIS2 Guide for SMEs
DIGITAL SME’s Guide for SMEs is aimed at companies that need to show their customers that they are a secure supplier, in line with the NIS2 requirements. Companies in scope of the legislation are required to validate the security posture of their suppliers, and by following our guide, SMEs can prepare for this.
ENISA Threat Landscape Report 2025
Cybersecurity threats are no longer reserved for major corporations. This report from ENISA makes it clear that cybercriminals are industrialising their attacks, making even Small and Medium-sized Enterprises (SMEs) high-value targets.
The key findings of the report underscore that basic cyber hygiene and robust resilience measures are vital for every private organisation. DIGITAL SME have extracted key takeaways for SMEs, to help the members of the ISAC develop their resilience.
ISO/IEC 27001 Guide for SMEs
This Guide was developed by the DIGITAL SME “WG27K” working group. The WG27K is made up of experts familiar with standardisation issues for information security management system and they fully understand SMEs’ needs in this field.
SME Guide for Industrial Internet of Things (IIoT): SPECIAL FOCUS ON SECURITY
This Guide was developed by an ad-hoc group created by experts of the DIGITAL SME Working Groups Standards and Cybersecurity and Data Protection.
Ransomware Landscape in Europe H1
The report indicates an in-depth rise of ransomware attacks (from 112 in 2022 to 175 in 2023), followed by phishing campaigns carried out in the same yearly timeframe. Divided in four total quarters, the ongoing year has faced a steady peak of attacks already in Q1, where 7,772 new Common Vulnerabilities and Exposures (CVEs) were published, underscoring once again the ever evolving and dynamic nature of cyber vulnerabilities.
Ransomware Landscape in Europe H2
In the second half of 2023, there was a marked rise in targeted cyberattacks focused on data theft and demanding ransom for the restoration of compromised systems. From the first to the second half of the year, the incidence of cyberattacks increased by 11%. During this period, the number of affected countries rose from 89 to 94, and the number of active ransomware groups also saw an increase.
Cyber Health Check
This is a quick self-assessment designed to help you understand your current level of cyber readiness.
CRA self-assessment check
The Open CyberSecurity Compliance Toolkit (OCCTET) is designed to help Small and Medium Enterprises (SMEs) evaluate their readiness for the EU Cyber Resilience Act (CRA) — especially when using Free and Open Source Software (FOSS) in digital products.
