How cyber risk ratings can support better cyber resilience and regulatory compliance

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Dan Morgan, Senior Government Affairs Director for Europe & APAC, SecurityScorecard


  • Businesses and governments face constant cyber threats, from state-sponsored cyber espionage to ransomware attacks by criminal gangs.
  • Many leading organizations have turned to cyber risk ratings to help them understand and mitigate their cyber risk exposure and better comply with regulations.
  • In France, policymakers are taking the lead globally by looking to mandate the use of cyber risk ratings.

In the digital age, cybersecurity risks are an ever-present threat. Businesses and governments face constant cyber threats, from state-sponsored cyber espionage to ransomware attacks by criminal gangs. The impact of these threats can be devastating, resulting in economic turmoil and threats to public safety.

In response, policymakers across the globe are looking at how regulation can strengthen an economy’s cyber posture. Examples include the Digital Operational Resilience Act (DORA), recently adopted by the European Parliament, which also makes financial groups accountable for the security of the tech vendors they use, and the Network and Information Security Directive (NIS2), which provides legal measures to boost the overall level of cybersecurity in the EU.

Businesses understand the need for regulation

Given the growing threat landscape, businesses increasingly support regulation to address and mitigate risks. The 2023 World Economic Forum Global Cybersecurity Outlook shows cyber executives are now more likely to see cybersecurity regulations as an effective tool for reducing cyber risks across a sector.

Many leading organizations have also turned to cyber risk ratings to help them understand and mitigate their cyber risk exposure and better comply with regulations. Cyber risk ratings provide an objective measure of an organization’s cybersecurity posture based on various factors, including network security, data protection and incident response capabilities. These ratings help organizations identify areas of weakness in their supply chains and cybersecurity defences and prioritise remediation efforts.

Policymakers are also starting to see the utility of cyber risk ratings across markets and how they could be an effective policy lever to support the growing number of cyber regulatory requirements and improve cyber resilience within economies.

Cyber risk ratings as a regulatory tool

In France, policymakers are taking the lead globally by looking to mandate the use of cyber risk ratings. The French Cyberscore Law, enacted on March 3, 2022, creates the obligation for a cybersecurity certification for digital platforms intended for the public. It comes into force on October 1, 2023.

This groundbreaking act will mandate cyberscores on the 500 largest merchants’ websites operating in France. The plan is to extend this to 10,000 strategic companies, such as the electric power grid and healthcare.

Addressing third-party risk through regulation

Much of the new cyber regulation in the EU is designed to manage digital supply chains and third-party providers.

For instance, DORA aims to ensure that all participants in the financial system have the necessary safeguards to mitigate cyber attacks and other risks. The legislation will require firms to ensure that they can withstand all types of ICT-related disruptions and threats. Like much of the economy, the financial sector is highly dependent on third-party tech vendors, both big and small.

This was highlighted recently when the CFTC postponed the publication of its weekly Commitments of Traders (CoT) report for the week ending February 17, 2023, due to a cyber attack on a third-party provider, ION Cleared Derivatives. According to data from the Futures Industry Association, this attack impacted a huge market with over $1 trillion of equity, commodity and interest rate futures open in December.

By introducing a mandatory cyber risk rating requirement, France will proactively manage how cyber risk is understood and promote greater digital resilience throughout the supply chain.

Mandate EU-wide cyber risk ratings

This law should serve as a call to action for policymakers across the EU and globally to consider similar measures to improve cybersecurity and digital resilience.

Lenders, such as banks and credit card companies, use credit scores to evaluate the potential risk of lending money to consumers and mitigate losses due to bad debt.

Similarly, cyber risk ratings can provide regulators and the market with an objective measure of an organization’s cybersecurity posture, helping to inform regulatory decisions, reduce the risk of cyber incidents and effectively comply with regulations, such as DORA in the EU.

SecurityScorecard believes the EU should consider mandating a cyber risk rating system similar to the French model across all member states. This would create a level playing field for organizations across the EU and ensure that cybersecurity is taken seriously by all actors in the digital ecosystem. This may come in different forms across the various cyber-focused regulatory requirements and may not always be in law; it could come through guidance, regulatory interpretation or, indeed, certification. DORA regulators are developing common draft regulatory technical standards for ICT risk management tools that could include cyber risk ratings.

This is not a one-size-fits-all approach, but moving towards ensuring cyber risk ratings are a must-have, not a nice-to-have, will improve cyber resilience and support the EU’s digital ambitions.

