IT security, data protection and digital resilience of companies are assessed worldwide according to the guidelines of leading Austrian security officers.

KSV1870 starts the Austrian CyberRisk Rating by KSV1870 in cooperation with the Kuratorium Safe Austria (KSÖ) in order to make digital risks in global supply chains visible. The digitization of domestic companies is supported with standardized cyber risk management for suppliers. This project is being implemented by Nimbusec GmbH, a subsidiary of KSV1870.

“The corona crisis was a fire accelerator for cyber attacks. The quick connection of hundreds of thousands of home office workstations was the only way out to keep many companies going. Cyber criminals have more entry points than ever before, because everything that is connected to a network represents a target. Small and medium-sized businesses in particular have some catching up to do when it comes to cybersecurity. We must therefore prepare our companies for these challenges, focus on the employees and provide them with appropriate training. As the Ministry of Digital, we offer a contact point for companies with the Digital Innovation Hubs and a contact point for society with the free cybersecurity competence checks of the association ‘fit4internet‘, “says Dr. Margarete Schramböck, Federal Minister for Digitization and Business Location.

The importance of IT security has risen rapidly

For 150 years it has been part of KSV1870’s DNA to secure corporate values. To this day, the Association for the Protection of Creditors attaches particular importance to the careful handling of information. “In 1997, KSV1870 was one of the first companies to make its own database available online. We have known about the importance of IT security and data protection for a long time and are now taking the next logical step with the CyberRisk Rating by KSV1870,” explains Ricardo-José Vybiral, MBA, CEO of KSV1870 Holding AG.

New Austrian standard based on the EU NIS directive

Since the beginning of 2020, the KSÖ has been developing a standard for evaluating cyber risks together with security officers from industry, administration and critical infrastructure. This standard is based on the requirements of EU Directive 2016/1148 (“NIS”), which aim to achieve a higher level of security for network and information systems throughout the EU. “The use of the KSÖ CyberRisiko Standard ensures both the international applicability and the future security of the Austrian CyberRisk Rating by KSV1870”, says Mag. Erwin Hameseder, President of the Board of Trustees for Safe Austria.

From critical infrastructure to small businesses

Due to the EU Directive 2016/1148, the critical infrastructure of Europe in particular – companies from the energy, banking and healthcare sectors as well as public administration – are required to set high standards for cyber security for their suppliers. The Austrian CyberRisk Rating of KSV1870 concretizes these requirements and enables a uniform evaluation of thousands of suppliers all over the world. This means that existing supply chains can be continuously checked and purchasing decisions can be made on the basis of objective information. In addition, the EU General Data Protection Regulation (EU GDPR), which has been in force since May 25, 2018, requires that processors in particular have to be checked regularly with regard to their technical and organizational measures – regardless of the respective company size. In the areas of information security and data protection, it is not the size of the company that determines the necessary security measures, but the possible effects of a security incident. This means that it is more important than ever to create a complete overview of all suppliers – without exception.

Nimbusec GmbH implements CyberRisk Rating by KSV1870

The Austrian CyberRisk Rating by KSV1870 is implemented by Nimbusec GmbH. The Linz-based company was taken over by KSV1870 in April 2020 and in just seven years has developed from Futurezone Austria’s Top Startup in 2014 into a renowned and internationally active specialist in security and GDPR compliance monitoring of websites. Customers around the world count on the proven expertise of the now 18-strong team. “The KSV1870 is the perfect partner to implement solutions such as the CyberRisk Rating in the best possible way for our customers”, explains Alexander Mitter, CEO of Nimbusec GmbH.

Source:  KSV1870 Press Release