GDPR and EU-NIS Directive require all organisations, especially operators of essential services, to establish cyber risk management for suppliers and third parties.
The CyberRisk Rating by KSV1870 represents a standardised process to meet these requirements. Cyber risks in global supply chains become transparent and can thus be reduced in a targeted manner.
Since the beginning of 2020, Kuratorium Sicheres Österreich has been working together with CISOs, DPOs and managers from critical infrastructure, government and industry to develop a standard for the assessment of cyber risks. This standard is based on the requirements of the EU Directive 2016/1148 ("NIS"), which aims at archiving a higher level of IT security throughout the EU. This KSÖ standard forms the basis of the CyberRisk Rating by KSV1870.