Regions play a key role in the development of a European cybersecurity ecosystem. This is one of the main lessons learned from 5 years of collaboration in the framework of the interregional CYBER project, coordinated by BDI and the Brittany Region. The 9 partners from 7 European territories met on Thursday, February 2, in Brussels to assess this cooperation and discuss the future.
Interreg Europe CYBER in brief
How to instigate a cybersecurity ecosystem on a European scale under the impulse of the regions? This is the question that the 9 partners from 7 regions of the European Union have tried to answer:
- Brittany, represented by Bretagne Développement Innovation, as lead partner, and the Regional Council;
- Castilla y León (Spain) ;
- Tuscany (Italy) ;
- Wallonia (Belgium) ;
- Estonia ;
In addition to these structures, there is ECSO, the European Cyber Security Organization.
From 2017 to 2022, this interregional cooperation of ecosystems came together under the name Interreg Europe CYBER. “The project was born at a time when the subject of cybersecurity remained the preserve of experts and connoisseurs, recalls Sara Minisini, CYBER project coordinator at BDI, which is the project leader. We were convinced that these regional ecosystems, made up of public and private innovation players, could play a role in the development of a European ecosystem and a competitive cybersecurity offering.”
This work was established in two phases corresponding to the regional and European levels. The first, from 2018 to 2021, consisted of an analysis of the strengths and weaknesses of each region and the sharing of best practices to bring the cybersecurity sector to life in each of the territories. The second, from 2021 to 2023, allowed the implementation of public policy actions to support cyber companies in their access to the market and skills.
Brittany, bridgehead of Interreg Europe CYBER
As the project’s coordinator through BDI, Brittany is supported by a mature ecosystem. “First of all, from the point of view of the players present. Today, we have more than 200 of them installed on our territory, with companies of all sizes and cutting-edge research laboratories. The training offer is also well developed: every year, 3,000 students are trained in cybersecurity in Brittany, points out Sara Minisini. Then in terms of initiatives instilled in the territory.”
During the exchange of best practices, Brittany was a source of inspiration, with its cyber breakfasts and its BreizhCTF. Slovenia and Wallonia have developed their own cybersecurity competitions, the “Cybernight”, which now have several editions. “The cyber breakfasts are a perfect example of the importance of having a regional player that keeps the cyber community alive to foster skill building and information exchange.”
In addition to having emulated in the animation of cyber channels, Brittany has taken on the role of intermediary. Both on the institutional level and for companies. “We have created synergies by bringing this network game to life. We have given visibility to our companies with CYBER’s partners. For institutional relations, the most striking example is the meeting between the Tuscany Region and the ANSSI, during the European Cyber Week 2022. Creating emulation in order to bring out partnerships or business opportunities was part of our objectives.”
Challenges to be met
During their final meeting in the framework of the CYBER project, on February 2, 2023 in Brussels, these partners returned to the role of the regions in this ambition to build a European cybersecurity offer. Three types of challenges common to all territories were highlighted: the need for skills, the fragmentation of the cybersecurity market at the European level, and insufficient collaboration between the various players in the ecosystems, particularly between the public and private sectors.
Challenges that did not remain without solutions. “For the skills part, regions can decide to diversify their training offer and work on their attractiveness. Estonia has done this by setting up a visa system, for example. They also need to raise awareness of the job opportunities offered by the cybersecurity sector. It’s not just about promoting the technical side. Other cyber jobs are related to legal and business areas or regulations.”
In the field of cooperation, work must be done to connect the various stakeholders. “This is the meaning of the mapping of cybersecurity players carried out by BDI, recalls Sara Minisini. We wanted to have a map of the different skills present at the scale of our partnership in order to facilitate connections between the players.” To simplify and accentuate their cooperation, the public and private sectors must rely on well-defined functions. “The public needs to be there to launch and coordinate initiatives that meet a long-term vision. The private sector must take ownership to make them more sustainable, drawing on the expertise and resources of the players.”
In order to respond to the fragmentation of the European market, “the European Union is harmonizing by working on legislation and implementing regulations. For the awareness and integration of cybersecurity by companies and users, the regions can influence, because of their proximity.” In this context, the EDIH (European digital innovation hub) Breton will have a vocation to accompany the digital transformation of companies.
EDIH and FIC in the line of sight
Officially closed, the cooperation induced by the Interreg Europe CYBER project will continue beyond February 2nd 2023. In particular through the EDIH, which will help European companies to be more competitive on the digital level. But it is especially during the next International Cyber Security Forum (FIC) in Lille that the continuation of this interregional alliance will make sense. “The regions of CYBER will come to the Brittany stand, announces Sara Minisini. An animation is planned with them to continue the steps taken during the CYBER project.”
Officiellement close, la coopération induite par le projet Interreg Europe CYBER subsistera au-delà du 2 février 2023. Notamment par l’intermédiaire des EDIH, qui aideront les entreprises européennes à être plus compétitives sur le plan numérique. Mais c’est surtout lors du prochain Forum international de la cybersécurité (FIC) de Lille que la poursuite de cette alliance interrégionale prendra tout son sens. “Les régions de CYBER viendront sur le stand Bretagne, annonce Sara Minisini. Une animation est prévue avec elles afin de poursuivre les démarches entreprises durant le projet CYBER.”
Brussels has defined the year 2023 as the European year of skills. The continuation of CYBER could be colored by this theme. “The skills track is an interesting one to explore. The year 2023 is placed under this theme. I think there is a real need to explore this topic. ENISA (European Union Agency for Cyber Security), with whom we collaborate, is working on this subject. We agree to stay in touch in order to contribute on the regional policy and territory link part.”