By Elisavet Goutman August 28, 2023
Cybersecurity challenges in Greek companies – Study by EY Greece and Microsoft
ΕΥ Greece and Microsoft have carried out a study on the challenges concerning cybersecurity in Greece. The study attempts, for the first time in the Greek market, to thoroughly analyse the current national and European legal and regulatory framework of cybersecurity. European regulations, such as NIS, NIS II and CERD, the main legal acts on cybersecurity in Greece (4577/2018, 4961/2022), their field of practice and the next steps for the compliance of the Greek companies with those, are presented in the study. In addition, the study describes the goals and the respective actions of the National Cyber Security Strategy 2020-2025 that was presented by the Ministry of Digital Governance.
The exponential development of digital technology, beyond any business benefits has parallelly increased the degree of complexity of cyber-crime, creating additional managerial costs. At the same time, the digitization forms a dynamically transformable but also regulatory environment, with which the organisations are called to comply with.
A large-scale study was carried out in a sample of cyber security professionals from big Greek companies and various fields of expertise, in order to make the challenges of the Greek companies that derive from the legislation and the regulations on cyber security be easier comprehended.
The study concluded that the basic compliance challenges with the regulatory cyber security environment, are the segmentation of the regulatory and legal landscape, the administrative issues, the management of third parties’ compliance and lastly, the talent and dexterity availability for the better management of the company’s compliance with the regulations.
Eight out of ten interviewed people agree entirely (27%) or partly (53%) that the regulatory landscape of cybersecurity is segmented into many aspects, while more than half (54%) report that the administrative time and the expenses for the regulation compliance assurance are a burden for the company. At the same time, only one out of ten interviewed agrees entirely (13%) that his company has applied the appropriate systems for control and constant monitoring of the compliance, while eight out of ten companies report that it is hard to find the human resources for the efficient coping with the compliance challenges.