S4SME.EU enhances the security of SMEs in Europe by bringing state-of-the art Cyber Security Risk Management (CSRM) to SMEs. SMEs form the backbone of the European economy and yet – according to NIS platform findings – most SMEs are exposed to cyber security related risks, have low awareness and are thus highly vulnerable.

S4SME.EU addresses the severe lack of a CSRM framework for SMEs by developing a CSRM Suite comprising policies, technical guides, and best practices supported by an online portal and toolkit. To achieve adoption by SMEs an innovative, business centric approach, rooted in real business environments will be taken, with the goal to engage with SMEs starting at the Chief Executive level. The CSRM Suite will be practical, simple to implement, cost effective, scalable and address all level of employees. The inclusion of selected dynamic risk assessment tools will enable SMEs to learn how to adapt to a fast changing threat landscape, to ongoing changes in the legal environment as well as changes in their contractual relationships e.g. with outsourcing partners. A strong SME awareness campaign will accompany the entire project.

The major outcomes of S4SME.EU will be:

Increased awareness of the need for CSRM in SMEs across Europe

A detailed understanding of CSRM barriers in SMEs and methods to overcome these

A validated “S4SME.EU CSRM Suite” for SMEs

A validated S4SME.EU risk management framework for SMEs

Sustainable S4SME.EU production pilots in five European countries as a first step towards a European wide roll-out

New, dynamic CSRM management methods for highly interconnected SMEs


Through S4SME.EU:

SMEs will receive the materials, training and support they require to implement CSRM including dynamic elements and thus effectively reduce their cyber security risk exposure

Policy makers will receive proposals for law and regulatory related solutions

The European economy overall enhances its resilience against cyber security incidents and attacks