With cyber threats posing a growing risk to financial stability, the European Union (EU) is imposing tougher cybersecurity standards, Moody’s Investors Service reports.
The rating agency said new legislation, which will improve cyber defence standards and create a more harmonized framework for managing cybersecurity risk, is a positive for affected companies — even as it increases costs.
“The new legislation follows an increase in cyberattacks, which are emerging as a risk to financial stability as the EU economy digitalizes rapidly,” Moody’s noted.
In particular, legislation that targets the financial services sector will increase demands on third-party technology providers — a move that aims to address the emerging risks posed by growing reliance on cloud services.
Moody’s said the new legislation “will ensure that the EU’s financial sector can keep operating in the event of severe cyber disruption.”
At the same time, the new measures will increase financial and administrative burdens for businesses, it noted.
“Smaller firms that have previously been exempt from cyber regulation will need to devote a greater share of their resources to regulatory compliance, and may struggle to hire and retain qualified cyber security staff,” said Niclas Boheman, senior analyst at Moody’s.
The report noted that research has found that global investments in cybersecurity “are growing rapidly.”