Any questions? Get in touch!

Weekly Cybersecurity Digest

Posted on March 4, 2025

Dear Valued Clients,

Welcome to this week’s cybersecurity digest, curated by Make Sense to keep you informed about the latest developments in information security across Europe. Our goal is to provide you with actionable insights to enhance your security posture.

Top Stories of the Week

  • ENISA Takes Lead as EU Agencies Network Coordinator: As of March 1, 2025, the European Union Agency for Cybersecurity (ENISA) has assumed the role of coordinator for the EU Agencies Network (EUAN). This new governance model aims to enhance inter-agency collaboration and communication, strengthening the EU’s collective cybersecurity posture. [Read more on ENISA]

  • Industry Groups Push for EU Cybersecurity Label: On February 28, 2025, twenty-three European industry groups called on EU tech chief Henna Virkkunnen to promptly adopt the draft cybersecurity certification scheme (EUCS) for cloud services. The revised certification aims to assist governments and companies in selecting secure cloud service vendors and now favors major U.S. tech firms like Amazon, Google, and Microsoft. The industry groups emphasize that balancing robust security standards with an open-market approach is crucial for Europe’s digital economy. [Learn more on Reuters]

  • UK Sets Deadline for Social Media Platforms to Assess Online Risks: Britain’s media regulator Ofcom has set a March 31 deadline for social media and other online platforms to submit risk assessments regarding the likelihood of users encountering illegal content on their sites. Under the Online Safety Act, firms must assess and mitigate risks of various offenses, including terrorism, hate crime, child sexual exploitation, and financial fraud. [Explore more on Reuters]

Industry Trends and Insights

There is a growing trend of collaborations between state-backed hackers and hacktivists, posing heightened risks to critical infrastructures such as utilities and food manufacturers. This trend escalates cyber threats, with 70% of last year’s vulnerabilities being deep within Industrial Control System (ICS) networks. Experts emphasize the importance of basic cybersecurity practices to mitigate these evolving risks. [Learn more on Cybersecurity Dive]

Regulatory Updates

The Cybersecurity Act has introduced new compliance requirements for cloud service providers in the EU. This regulation emphasizes the need for robust security measures to protect sensitive data and ensure accountability in cloud environments. [Learn more on the European Commission’s website]

Practical Tips and Best Practices

This week, we recommend focusing on:

  • Conducting Third-Party Risk Assessments: Regularly evaluate the cybersecurity practices of vendors and suppliers to minimize risks in your supply chain.
  • Implementing Privileged Access Management (PAM): Limit and monitor privileged accounts to reduce the risk of insider threats and unauthorized access.
  • Improving Patch Management Processes: Ensure timely updates and patches for software and systems to protect against known vulnerabilities.

Conclusion

As the cybersecurity landscape continues to evolve, staying informed and proactive is more crucial than ever. We encourage you to consider how these developments might impact your organization and explore how our training programs can support your security objectives.

Stay secure,
The Make Sense SRL Team & CyberTania