Towards a consolidated European cyber security market

While the Silicon Valley is globally referred to as being the most competitive ecosystem in ICT and cyber security offering, Europe has many and various Cyber Valleys hosting mature and regional ecosystems fostering innovation and delivering cutting-edge technologies. 

With a domestic market valued at EUR 25 billion and a very diverse industry landscape, made of 12 000 companies of which 74 % are micro companies and SMEs (source: 2017 ECSO Estimation), the European offering is still very fragmented across the different market segments and Members States. However, Europe can count on several ‘hot spots’ where Research & Innovation and training institutes, as well as end-users and public administrations work closely together. 

Regions are the silo busters of the EU cyber security market 

The EU regions play a fundamental role in structuring the still “young” European cybersecurity ecosystem. Regions are uniquely positioned to raise the global level of cybersecurity due to their privileged connection with the local environments. 

  1. In the context of an emerging lack of qualified cybersecurity professionals, the regions have the potential to address the increasing shortage of cybersecurity providers and operators at the local level working together with local training centres and educational institutions. 
  2. They are an essential part of the triple helix model of economic development, which involves governments, academia, and business. Besides, they play an important role in facilitating the development of local cybersecurity ecosystems by involving RTOs, training centres, services operators, incubators, SMEs and established large companies in cyber security solutions development.

Additionally, what makes the EU regions so unique is the proximity with the local end-users. The local public administrations are the direct users of cyber security products when developing their sectoral policies (e.g. health, energy or transport) and measure for the protection against cyber attacks. It makes the regional level significant in disseminating good practices and establishing preventive measures and immediate response services. 

In the end, to have a more integrated European cyber security market, we need to facilitate not only strong regional actions but also interregional cooperation and coordination. 

Interreg Europe CYBER – for the strong European cyber security valleys and interregional cooperation 

Interreg Europe CYBER aims to boost the competitiveness of the European cyber security SMEs by creating synergies among European cyber security valleys. Three significant barriers encumbering the interregional cooperation among the regional cyber security ecosystems inside the EU have been identified: a lack of coordination between relevant actors, the cybersecurity skills gap and market fragmentation. Through a series of interregional cooperation initiatives, CYBER aims to improve the sharing of good practices and public policies and to strengthen cybersecurity ecosystems. 

Interreg Europe CYBER methodology includes a common and market-driven taxonomy to develop a structured mapping of the regional cyber innovative ecosystems. It comprises cybersecurity providers, end-users, support structures, training organisations and research institutes. The project also aims to understand the inclusion of the local players in the design and implementation of the local cybersecurity strategy. To identify good practices, needs for policy improvement and strategic actions for better policies, project partners exchange information through both tailored questionnaires and high-level strategic planning model (SWOT analysis). 

As an Advisory Partner, the European Cyber Security Organisation (ECSO) brings to the project its expertise on regional cybersecurity industrial policies, acquired in its Working Group 4 focusing on ‘support to SMEs and regional cooperation'. Thanks to this substantial endeavour in positioning regions at the heart of the European policy decision-making in cybersecurity, ECSO provides guidance on the implementation of a multi-layered approach for more structured competitive ecosystems. 

A multi-layered approach for cybersecurity: from Regional to European 

The stimulation of the interregional cooperation as conducted through CYBER will reduce market fragmentation and contribute on the long term to the development of the EU Digital Single Market. The 2017 European Commission Package on Strengthening Europe’s Cyber Resilience already indicates the EU regions as the intermediary players, standing between cybersecurity local ecosystems and European policy-making for the development of the future innovative European cybersecurity industry.

Danilo D’Elia, Senior Policy Manager, & Ana-Isabel Llacayo, Policy Manager at the European Cyber Security Organisation (ECSO). 

This Article was originally published on, accessible here: