General Insurance Article - Call for simplification of EU cybersecurity regulation


Insurance Europe has welcomed the European Commission’s review of the Cybersecurity Act (CSA) and the forthcoming digital omnibus initiative, supporting the objective of simplifying regulation, reducing administrative burdens, and ensuring a proportionate, risk-based approach.

 The review of the CSA was launched in April 2025 to reflect the rapid pace of technological change and the growing sophistication of cyber threats. The review focuses on key areas including the mandate of ENISA (the EU Agency for Cybersecurity), the European Cybersecurity Certification Framework, and security risks in the ICT supply chain.

 In its response to the consultation, the European insurance industry supports efforts to streamline cybersecurity reporting requirements and eliminate unnecessary overlaps and duplications. Recent regulatory developments - particularly the implementation of the Digital Operational Resilience Act (DORA) - have already significantly increased compliance obligations for insurers.

 Insurance Europe highlights that insurers must navigate a complex and fragmented legal landscape, including horizontal regulations such as the General Data Protection Regulation (GDPR), the ePrivacy Directive, the Artificial Intelligence Act, and, in some cases, the Cyber Resilience Act. This patchwork of rules often results in the need to report the same incident to multiple authorities under differing rules and timelines.

 To address this, Insurance Europe calls for:
 • Consistent and comparable reporting formats across jurisdictions to avoid differing interpretations;
 • Avoidance of duplicative reporting, particularly between DORA supervisors and ENISA;
 • Clear and consistent guidance to member states, to prevent the emergence of conflicting national frameworks.

 Insurance Europe stresses the need for legal and supervisory clarity across the EU, noting that in some cases outdated national guidelines remain in force despite having been superseded by EU legislation. This is particularly challenging for cross-border operators that must comply with divergent and sometimes contradictory rules.

 Finally, with regard to potential changes to the mandate of ENISA, it is crucial to ensure that greater transparency is enshrined in its working processes and that increased opportunities for stakeholder involvement are guaranteed.

  

  

  

Back to Index


Similar News to this Story

Are you testing your smoke alarms often enough
Only 6% of residents follow safety recommendations for smoke alarms. More than one in 10 never test their alarms. Forgetfulness is given as the main r
SolvencyII review EU must unlock capital for Europes future
Insurance Europe welcomes the launch of the European Commission’s consultation on the Level 2 technical measures of the Solvency II review. It is an o
Mapathon puts Worlds vulnerable communities on the Map
The insurance data and analytics team at LexisNexis® Risk Solutions in the United States and Ireland have led a Mapathon in support of Missing Maps, a

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.