Project summary

Identifying solutions and moving towards a more integrated Cybersecurity market

The EU already has many territories, or so-called ‘Cybersecurity Smart Regions’ hosting mature regional ecosystems which foster innovation and deliver cutting-edge technologies.

Interreg Europe CYBER – for the strong European Cybersecurity Smart Regions

Three major barriers encumbering the interregional cooperation among the regional cybersecurity ecosystems inside the EU have been identified: a lack of coordination between relevant actors, cybersecurity skills gap and market fragmentation.

Interreg Europe CYBER aims to boost the competitiveness of the European cybersecurity SMEs by creating synergies among European Cybersecurity Smart Regions.

For reaching this, the European Regional Development Fund (ERDF) invested EUR 1,53 million in the five-year interregional cooperation programme. Through a series of interregional cooperation initiatives, CYBER aims to improve the sharing of good practices and public policies and to strengthen cybersecurity ecosystems.

The Bretagne Development Innovation agency is the leading partner in CYBER. The project involves seven European regional partners, including Institute for Business Competitiveness of Castilla y León (Spain), Tuscan Region (Italy), Digital Wallonia (Belgium), Brittany Region (France), and Kosice IT Valley (Slovakia), Chamber of Commerce and Industry of Slovenia (Slovenia) and Estonian Information System Authority (Estonia).

As an Advisory Partner, the European Cyber Security Organisation (ECSO) brings to the project its expertise on regional cybersecurity industrial policies, acquired in its Working Group 4 focusing on ‘support to SMEs and regional cooperation.

A multi-layered approach for cybersecurity: from Regional to European

June 2018 - May 2021: Phase 1 is dedicated to Interregional learning based on the exchange of experience amon partner regions. Together with their regional stakeholders, partner organisations (1) analyse territorial needs, (2) identify, exchange and investigate good practices, (3) develop action plans to improve regional policies.   

June 2021 - May 2023: The Phase 2 is dedicated to the implementation and monitoring of regional Action Plans, that have been defined during Phase 1 based on the lessons learnt thanks to the interregional exchange. These AP help regional authorities improve the policy instruments targeted by each partner region (Operational Programme or Cybersecurity Strategy depending on the region) in order to boost the competitiveness of local cyber SMEs. 

Our common methodology for CYBER includes a common and market-driven taxonomy to develop a structured mapping of regional cyber innovative ecosystems. It comprises cybersecurity providers, end-users, support structures, training organisations and research institutes.

The project also aims to understand the inclusion of local players in the design and implementation of local cybersecurity strategies. To identify good practices and policy needs, project partners exchange information through tailored questionnaires and a high-level strategic planning model (SWOT analysis).

While already contributing to the development of the EU’s digital single market, CYBER’s long-term goal is to significantly reduce cybersecurity market fragmentation in Europe by increasing interregional cooperation across European Cybersecurity Smart Regions.


from 1 Jun 2018
to 31 May 2023

SME competitiveness

What policy instruments does the project address?

Brittany’s Investment for Growth and Jobs Programme ROP 2014-2020 aims to strengthen the coherence between investment and structural reform priorities. It focuses on the need to promote growth and employment to achieve Europe 2020 objectives.

The overall goal of Axis 2 «Developing Bretagne's economic performance through support to research, innovation and enterprises» is to support the competitiveness and economic performance of the region. Axis 2 has three main objectives: 2.1 Reinforce the competitiveness of Breton R&D in the European Research Area; 2.2 Improve the innovation capacity of Breton SMEs; 2.3 Increase the production potential of Breton SMEs.

Specific actions aiming to increase the competitiveness of SMEs include support to industrial innovative projects (2.2.3), to collaborative research projects (2.2.2) and to SMEs in all stages of their development (2.3.2).

According to the ROP, support for SMEs should be consistent with the RIS3, which includes cybersecurity as a strategic innovation area. In addition, specific actions and tools should be designed and implemented according to emerging needs or to a specific sector.

Considering the rapid growth of this industry and the increasing number of SMEs active in in this market, current actions should be improved and new approaches developed to better address the needs of regional SMEs (i.e. collaboration with research and Large Companies, access to larger markets, access to funding) and help them be more competitive.

Which partners are working on this?
  • Bretagne Development Innovation
  • Regional Council of Brittany

Thematic objective 3 of the 2014-20 ERDF Operational Programme (OP) of Castilla y León aims to improve SMEs competitiveness in the region.

 The main aim of the measures within objective 3 is to foster the entrepreneurial spirit and SME development in cybersecurity, through advanced support services and facilities. This will help SMEs to grow, collaborate, consolidate and gain international markets.

 The following specific objectives are relevant to the topic addressed by CYBER: OE.3.1.2. creation of new enterprises and business incubators with improved access to funding and advanced support services; OE.3.4.2 promotion of innovation and cooperation to foster innovation in all sectors; OE.3.4.3. SME internationalisation.

 These measures foster entrepreneurship in ICT, including the development of cybersecurity solutions through support for business creation and growth. They support increased usage of ICT tools in SMEs through technological investments / advanced technical services.

 Based on the RIS3 analysis, it is necessary to deepen some structural elements (RTD infrastructures, clusters) to improve the incorporation of innovation in SMEs. Weaknesses refer to difficulties in reaching SMEs and low number of entrepreneurs. It is necessary to work on measures of the OP to reinforce competitiveness, foster the creation of new businesses and stimulate business growth from SMEs to Mid-Cap companies, providing more targeted support to SMEs active in the cybersecurity spectrum.

Which partners are working on this?
  • Institute for Business Competitiveness of Castilla y León

The Tuscan ROP 2014-20 and the regional RIS3 are implemented in a policy framework that, for ICT related topics, also includes the Digital Agenda and the Regional Industry 4.0. Strategy. In the framework of its RIS3, Tuscany Region (RT) built up this strategy to spread Industry 4.0. to SMEs and enhance SME integration in global value chains. All these strategies are implemented through the financial instruments of the ROP, which is the policy instrument tackled by CYBER. The focus will be Axes 1 and 3, considering measures 1.1.5 innovation, 1.4.1 innovative start-ups, 3.1.1 investment support and 3.5.1. support for new enterprises.

 Through these axes, SMEs receive financial support to develop innovation projects in products, services, or business processes and for investments to increase competitiveness. Beneficiaries include the many SMEs operating in the IT sector in Tuscany and the many SMEs that could benefit from better cybersecurity systems. Following the Industry 4.0. priorities, and thanks to the new cybersecurity network (with relevant stakeholders and new structures), actions focused on cybersecurity will be piloted in the ROP.

 The ROP could be improved through:

  • specific measures for competitiveness targeting cybersecurity;
  • more market oriented approach;
  • interaction between clusters in emerging and consolidated sectors, to promote coordinated action for cybersecurity (in line with the ecosystem concept), while promoting market opportunities for SMEs.


Which partners are working on this?
  • Tuscany Region

Digital Wallonia is the strategy and platform that reunites all the ICT actors of the region (500M€ budget). It was created by the regional government to boost the role of Wallonia as a centre for excellence in the sector.

Strategic objective 1.1 focuses on developing a growth programme for companies in the digital sector.

It is divided into the following axes:

  1. Structure, streamline and animate the digital ecosystem.
  2. Facilitate access to finance at each stage of the business life cycle.
  3. Stimulate the growth of start-ups and SMEs through public action.
  4. Strengthen research dedicated to digital technology and facilitate its transmission to businesses.

Strategic objective 1.2 focuses on the development of the digital sector’s international dimension, with an axis aiming to accelerate growth of champions in the digital sector abroad (1.2.1).

 The strategy has 50 measures, of which 2 active measures focus on cybersecurity: 

  1. To stimulate SMEs to consider cybersecurity in their business, through a catalogue of services supported by regional funding;
  2. To set up a label system for cybersecurity.

One of the main challenges identified by AdN is that the two sides of the market (SMEs interested in cybersecurity services/products and cybersecurity SMEs) will have to be reinforced in parallel, building on the work done within the Digital Wallonia strategy. The strategy should be improved also to reach more SMEs and build awareness on cyber-related topics.

Which partners are working on this?
  • Digital Wallonia Agency

Linked to Slovenia’s RIS3, Digital Slovenia 2020 (2016) lays down Slovenia’s key strategic development goals for the Information Society. It combines the Next-Generation Broadband Network Development Plan and the Cyber Security Strategy into a unified strategic framework. The Cyber Security Strategy is the policy addressed by CYBER. Its implementation is funded from the state budget and the Slovenian OP - EU Cohesion Policy 2014-20.

 The Cyber Security Strategy has 8 Objectives. Objective 3 refers to cybersecurity in the Economy, with 2 areas of intervention: 

  1. Measures to foster research, development and innovation in the field of cybersecurity;
  2. Awareness raising measures about cybersecurity among companies.

 R&D projects should support industry digitalisation and help upgrade the cybersecurity system. Improved cooperation between business and academia is envisaged. The aim is to create a critical mass of cybersecurity experts and foster public-private partnerships, to develop innovative products / services with high market value in Slovenia and abroad.

Standards for cybersecurity will be developed and their implementation will be enforced.

 3 main weaknesses have been identified, and are the reason why participation in CYBER is important:

  1. specific characteristics of SMEs are not addressed;
  2. there is a lack of resources and need for strategies to leverage further funding;
  3. collaboration between stakeholders should be enhanced to improve market access / competitiveness.
Which partners are working on this?
  • Chamber of Commerce and Industry of Slovenia

The instrument addressed is the Cyber Security Strategy (to be reviewed in 2018), and connected policy instruments: Digital Agenda 2020 for Estonia and Estonian Entrepreneurship Growth Strategy 2014-2020. The Cyber Security Strategy Action Plan has a budget of 16 million € and it is partly funded through the ERDF. The specific support measure to be targeted by CYBER is the ERDF funded measure for Establishment of Technological Development Centres.

 The aim of the policy and support measure of technological development centres is to promote R&D, development of technology and innovation and to improve competitiveness.

The strategy intends to implement nation-wide robust cybersecurity measures, enhancing information security competence and awareness, developing legal framework and advancing international cooperation. It creates a viable cybersecurity sector with export capacity, addition of new skills, new solutions commissioned by the Government.

The Cyber Security Strategy currently places little focus on concrete measures supporting domestic enterprises that offer cybersecurity solutions. It should be improved to ensure better coordination for R&I between SMEs, larger enterprises, academia, civil society and Government and better dissemination of information regarding funding opportunities, which include ERDF funding, Horizon 2020 calls and state allocations through creation and management of cybersecurity focused innovation hubs (Technological Development Centres).

Which partners are working on this?
  • Estonian Information System Authority

The policy instrument tackled by CYBER is the Slovak Operational Programme Research and Innovation 2014 – 2020, Priority Axis 3, Enhancing the competitiveness and growth of SMEs.

This axis is divided in 3 measures, all relevant to CYBER: 3.1 Enhancing the growth of new competitive SMEs, 3.2 Growing internationalisation of SMEs and increased use of the possibilities offered by the EU Single Market, 3.3 Increasing SME competitiveness at their development phase.

 Particularly relevant is the SBIR scheme (Small Business Innovation Research) that supports the exploitation of new ideas in the economy. It aims to foster SME competitiveness and to support entrepreneurs that find themselves in the death valley, where the risk of failure of a business is so high that they are not able to obtain funds from banks or investors. The existing forms of sectorial support (i.e on cybersecurity and the digital economy) are limited and uncoordinated and do not help overcome this barrier.

The OP aims also to create a comprehensive system of support for internationalisation of SMEs to contribute to eliminating existing barriers (high costs, lack of knowledge of the market, regulatory burdens, and insufficient capacity) through more targeted fund. In order to increase added value and productivity, the OP recognises the importance of inter-sectoral cooperation. The idea of an innovation ecosystem focused on a specific topic, such as cybersecurity is in line with the foreseen OP improvement.

Which partners are working on this?
  • Košice IT Valley z.p.o.