CoESS is already since a couple of years engaged in the topic of cybersecurity – notably through the  cybersecurity guidelinesfor the security services and fire alarm industry, which we published together with Euralarm back in 2019.

High levels of cybersecurity in security services and deployed products are key, as highlighted in the document. Against the background of a growing number of high-profile cyberattacks with a global footprint, the annual cost of cybercrime to the global economy in 2020 was estimated to be EUR 5.5 trillion, double that of 2015.

Particularly in the private security services, it is key that manufacturers deliver high-quality products that guarantee a high level of cyber resilience. In case of an incident, it us often the user who carries the highest costs – financially, but also in terms of reputation.

In the consultation that was launched by the European Commission to prepare the EU Cyber Resilience Act, CoESS therefore supported EU action that establishes a risk-based approach to provide high levels of cybersecurity in digital products, higher transparency on qualitative products, and legal certainty along the security chain.

For users of cyber secure products, such as private security companies, it is particularly useful if transparency is enhanced – e.g. on manufacturer compliance with cybersecurity rules and standards, but also software updates along the life-cycles of products.

Mandatory measures should be accompanied by increased efforts in speedy development of harmonised Standards in this area, in line with the EU Standardisation Strategy, and EU public procurement guidelines on how to identify qualitative and compliant digital products – also to guide public buyers towards providers that offer services with high cybersecurity levels that are in line with any EU rules.