On the 11th of April, EU policymakers, industry and research organisations gathered in Brussels for the second Hermeneut Cyber Policy Lab. Consortium partner, the European Organisation for Security (EOS), hosted the workshop.

This event focused on cyber risk in the Intellectual Property Intensive Sector. Specifically, it explored how European policy frameworks might further support the IP intensive industry and cybersecurity sectors to develop and implement potential solutions to help mitigate this risk in a timely and cost-effective manner.

Consequently, discussions resulted in four key sector-specific policy recommendations. These aim at EU and national Member State policymakers:

  1. Cybersecurity risk assessments implemented in the IP-intensive sector must clearly define the core IP elements requiring protection. This ensures to decrease cybersecurity risks and investment. In addition, it allows other parts of the company to operate with less intensive mitigation strategies.
  2. Organisation’s decisionmakers must consider the impacts of cybersecurity mitigation strategies on company processes when assessing investments in risk-based cybersecurity solutions. This ensures viable maintenance of their services.
  3. A common EU cybersecurity risk assessment methodology should be considered as a means of ensuring a secure and resilient European cybersecurity infrastructure. Such a frameork should consider the cascading effects of cyber-physical attacks (including potential harm to human life). Also, it should be free from legal or technical backdoors.
  4. Defining EU cybersecurity metrics to assess the impact of cybersecurity attacks on organisations and their full value chain. This ensures the comprehensive assessment of organisational risk.

Hermeneut will incorporate the results of both Cyber Policy Labs to the project’s Policy Recommendation Report. Hermeneut will publish the Report on the project website in July 2019. Follow our Twitter and Linkedin channels for more information soon!