moderator

There is growing concern regarding the impact of the upcoming AI Act on the activity of SMEs in that field. While it is feared that a large number of standards associated to the AI Act could create an excessive burden for SMEs to understand and implement the new requirements, on the other hand if there remain gaps in the standards’ coverage of the AI landscape, this will create huge challenges for SMEs whose products sit precisely in such areas (inability to comply). I have started to make increased efforts to reach out to SMEs and collect their views and needs in those regards, and I am leveraging those inputs throughout my contributions in the various standards as well as in coordination.

There is growing concern regarding the impact of the upcoming AI Act on the activity of SMEs in that field. While it is feared that a large number of standards associated to the AI Act could create an excessive burden for SMEs to understand and implement the new requirements, on the other hand if there remain gaps in the standards’ coverage of the AI landscape, this will create huge challenges for SMEs whose products sit precisely in such areas. I have started to make increased efforts to reach out to SMEs and collect their views and needs in those regards, and I am leveraging those inputs throughout my contributions in the various standards as well as in coordination.
In parallel, and beyond the considerations for the AI Act, I am also including in my work continuous considerations for interoperability aspects, which appear to be key to enable easier entry into the market for European SMEs.

The involved standards are useful so that Europe is involved in this type of cybersecurity, which may affect future EU directives.

Organisations willing to achieve a resilient cybersecurity system will have to implement an information security management system. The standards developed through this contribution will provide SME and European societies with a comprehensive guidance on how to use ISO/IEC 27001 and ISO/IEC 27002. Moreover, ISO/IEC 27017 will provide SMEs working as Could service providers with a comprehensive list of guidelines to implement when providing services to Could service customers.

Organisations willing to achieve a resilient cybersecurity system will have to implement an information security management system. Within that context, this contribution helps organisations of any size including SMEs to achieve better security and cybersecurity through the use of standards like ISO/IEC 27003, ISO/IEC 27028, and ISO/IEC 27004 that will be revised and developed through this work. In addition, this contribution provides technology organisations with a framework to develop and use secure cloud systems ISO/IEC 27017, edge computing systems ISO/IEC 25545 and raise awareness about security and privacy aspects of digital twin systems ISO/IEC 27568 so those concerns can be integrated at an early stage and achieve security and privacy by design when developing such innovative technology.