General Insurance Article - Call for simplification of EU cybersecurity regulation


Insurance Europe has welcomed the European Commission’s review of the Cybersecurity Act (CSA) and the forthcoming digital omnibus initiative, supporting the objective of simplifying regulation, reducing administrative burdens, and ensuring a proportionate, risk-based approach.

 The review of the CSA was launched in April 2025 to reflect the rapid pace of technological change and the growing sophistication of cyber threats. The review focuses on key areas including the mandate of ENISA (the EU Agency for Cybersecurity), the European Cybersecurity Certification Framework, and security risks in the ICT supply chain.

 In its response to the consultation, the European insurance industry supports efforts to streamline cybersecurity reporting requirements and eliminate unnecessary overlaps and duplications. Recent regulatory developments - particularly the implementation of the Digital Operational Resilience Act (DORA) - have already significantly increased compliance obligations for insurers.

 Insurance Europe highlights that insurers must navigate a complex and fragmented legal landscape, including horizontal regulations such as the General Data Protection Regulation (GDPR), the ePrivacy Directive, the Artificial Intelligence Act, and, in some cases, the Cyber Resilience Act. This patchwork of rules often results in the need to report the same incident to multiple authorities under differing rules and timelines.

 To address this, Insurance Europe calls for:
 • Consistent and comparable reporting formats across jurisdictions to avoid differing interpretations;
 • Avoidance of duplicative reporting, particularly between DORA supervisors and ENISA;
 • Clear and consistent guidance to member states, to prevent the emergence of conflicting national frameworks.

 Insurance Europe stresses the need for legal and supervisory clarity across the EU, noting that in some cases outdated national guidelines remain in force despite having been superseded by EU legislation. This is particularly challenging for cross-border operators that must comply with divergent and sometimes contradictory rules.

 Finally, with regard to potential changes to the mandate of ENISA, it is crucial to ensure that greater transparency is enshrined in its working processes and that increased opportunities for stakeholder involvement are guaranteed.

  

  

  

Back to Index


Similar News to this Story

Call for simplification of EU cybersecurity regulation
Insurance Europe has welcomed the European Commission’s review of the Cybersecurity Act (CSA) and the forthcoming digital omnibus initiative, supporti
7 California wildfire lessons learnt for European insurers
The devastating January 2025 wildfires in Los Angeles, which destroyed over 16 000 structures and caused insured losses of approximately USD 40 billio
Do not be left high and dry this summer
Aviva is urging caution as data reveals a correlation between warm weather and fire claims. Number of garden fire claims is already significantly high

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.