ECCO, the project to build a European cybersecurity community

ECCO finds its place within the frame of the ECCC regulation (on competence centers), the National Coordination Centers (NCCs) and the NCC Network. In this regulation, approved by the European Parliament in 2022, the third pillar (beyond the Centre in Bucharest and the NCCs) is the Cybersecurity Community. This project is the natural extension of many of the ongoing activities of ECSO and the other ECCO Partners.

The creation of the ECCC and the network of NCCs will be of fundamental importance for the European Union because it will help the cybersecurity community to have access to European funds for digital, contributing to achieve the objectives set by the European cybersecurity strategy and to consolidate Europe’s leadership position for the digital transition.

With this approach, the Commission wants to bring together competences and resources to strengthen the cyber security of its citizens and businesses and to make it less dependent on solutions from third countries. To reach this objective we need to develop a stronger European Cybersecurity Community understood as an ecosystem of companies, universities, research institutes and public sectors, i.e., all those actors which contribute to the cybersecurity of the European Union and its citizens.

« Strategics objectives »

One of the most important aims of the cooperation between the ECCC, the NCCs and the Community will be to identify, finance and develop strategic objectives to increase European competence and its presence in the cybersecurity market. EU Member States are at present building up their NCCs and are defining the detailed criteria for enrolling the members of the “Community” from the respective countries.

ECCO is an ambitious project for many reasons. The first challenge, was to bring together among the most important cybersecurity stakeholders in Europe, starting from ECSO members and the main coordinators of the four Pilot projects on Competence Centres (CONCORDIA, ECHO, CYBERSEC4EUROPE, SPARTA).

These actors bring in ECCO the competence of more than 450 organisations, without considering the many other operational cooperations with European actors in the domain which did not take part in the Pilots or in ECSO. This is indeed a unique basis upon which to build the European Community. Other partners in ECCO are specialists in their domain: EU R&I platforms and dissemination, cybersecurity market, project management and quality control.

Developing the “Community” means to cooperate with all the digital actors in Europe, having different roles in the cyber domain, with levels of interest and / or maturity of the different sectors and countries. There is not a unique “Community” but many local, regional, national, sectors communities that need to be linked and helped to establish dialogue and cooperation across Europe (and beyond, as cybersecurity is a global issue).

The need for « strong cooperation«

There are thousands cybersecurity actors in Europe, without considering that any EU citizen is an actor in the digital transformation and needs cybersecurity. We cannot tackle them all at European level. For this reason, a strong cooperation with the NCCs will be needed, both to support them in the growth of national communities and to build collectively a European Community that can be more competitive and less dependent on external solutions and services.

To tackle these challenges, ECCO is declined into three main tasks: A) definition of the European market, stakeholders, investments made, and strategic investment needed; B) development of the cybersecurity communities and matchmaking; C) support to the ECCC, the NCCs, their activities and the Community awareness.

In Task A the analysis of the market will allow the identification of the main actors as well as their strengths and weaknesses. This will constitute the basis for understanding upon which forces we have to build our future actions. The analysis of the public and private investments and funding and their impact on the market will give an idea of the need for focused approaches in the future in specific areas to rise the competitiveness of the European actors.

Information from this analysis and external sources will be progressively collected in a Market Observatory which will allow for the extraction of cybersecurity market intelligence, also to inform decisions for priorities for R&I and other investments.

The Observatory will also be complemented by the Cyberwatching.eu approach for an increased visibility of R&I projects to bring their results to market and increase cooperation among stakeholders. The overall Task A activity will support the ECCC and the NCCs to take informed decisions on future investments, also with the support of the private sector, for an increase strategic autonomy of Europe in cybersecurity.

Building cooperation between communities

The knowledge of the main stakeholders, of the communities and of the market developed in Task A will be used in Task B to build cooperation among these communities, overcoming existing barriers. Concrete activities are foreseen as matchmaking between start-ups and investors or users to develop the rich innovation capacity of our SMEs, but also information days and networking events, are foreseen to promote future EU Programmes and funding in the domain but also market update of past projects.

Developing technologies is not sufficient without also developing education, training, and skills in general in cybersecurity. Strategy and actions will be planned to support the growth of citizens and of professionals in the domain, also facilitating gender inclusion. Awareness campaigns will be launched to inform about the challenges of new technologies and the need for a higher cyber hygiene.

The competence and the cooperation developed by the different actors of the Community should also contribute to the development of the ECCC / NCCs approach as envisaged in Task C. Six Working Groups are proposed (R&I, Update in vertical domains; Synergies Civilian and Defence / Space; Support to startups / SMEs; Link with End users and citizens; Skills – education, training, …) to strengthen cooperation around specific strategic areas, develop common approaches and be ready to support the work of the ECCC and NCCs.

The activity of these working groups will support the knowledge sharing between NCCs and their interaction at European level. Specific events will also be organised across countries (also in cooperation with regional or national bodies, i.e. NCCs) to stimulate corss-border industrial cooperation and synergies. Specific resources will be dedicated to support the secretariat of the NCCs Network and the ECCC with its Strategic Advisory Group. Media visibility will also be provided to the activities and results of the NCCs and and results of the NCCs and ECCC.

In this changing world, cybersecurity is not just a matter for IT experts, but a vast domain that requires technical, economic, political, social, legal and communication skills. For this reason, the creation of a community that brings together and develops these skills becomes all the more essential.