EU CYBERSECURITY PUBLIC-PRIVATE PARTNERSHIPand ECSO

(European Cyber Security Organisation)

September 2017

A EUROPEAN PPP ON CYBERSECURITYThe European Commission has signed on July 2016 a PPP with the private sector for the development of a common approachand market on cybersecurity.

AIM1. Foster cooperation between public and private actors at early stages of the research and innovation process in order to allow

people in Europe to access innovative and trustworthy European solutions (ICT products, services and software). Thesesolutions take into consideration fundamental rights, such as the right for privacy.

2. Stimulate cybersecurity industry, by helping align the demand and supply sectors to allow industry to elicit futurerequirements from end-users, as well as sectors that are important customers of cybersecurity solutions (e.g. energy, health,transport, finance).

3. Coordinate digital security industrial resources in Europe.

BUDGETThe EC will invest up to €450 million in this partnership, under its research and innovation programme Horizon 2020 for the2017-2020 calls (4 years). Cybersecurity market players are expected to invest three times more (€ 1350 mln: leverage factor = 3)to a total of €1800 mln.

SUPPORTEuropean Cyber Security Organisation – ECSO Association has been created to engage with the EC in this PPP.ECSO is open to any stakeholder (public / private; user / supplier) allowed to participated in H2020 projects.

ABOUT THE EUROPEAN CYBERSECURITY PPP

2

A DOUBLE APPROACH, BEYOND TRADITIONAL EC PPPs: LINKING RESEARCH AND CYBERSECURITYINDUSTRIAL POLICY

The cPPP will focus on R&I, developing a SRIA and supporting its implementation in the H2020 WorkProgramme

The ECSO Association will tackle other industrial policy aspects for the market and the industrial / economicdevelopment

ECSO will support the development of the European cybersecurity industry and EU trusted solutions, includingcooperation with Third Countries.

REFERENCE DOCUMENTS1. Industry proposal2. Strategic Research and Innovation Agenda (SRIA) proposal (already evolving)

ABOUT THE CYBER cPPP

3

Identifies industrial cybersecurity challenges in Europe

• Global cybersecurity and ICT market dominated by global suppliers from outside Europe.

• Innovation led by imported ICT products.

• Strategic supply chain dependency.

• Mature commodity market; professional applications under development / evolution (e.g.Digitizing European Industry)

• Market fragmentation.

• Innovation: strong in Europe but not always properly funded due to a lack of a consistenttransnational approach and global EU strategy. Results of Research and Innovation arehardly reaching the market.

• Weak entrepreneurial culture, lack of venture capital.

• European industrial policies not yet addressing specific cybersecurity issues.

• Human factor.

• Sovereignty.

Where we started: « Industry Proposal »

4

Identifies industrial operational and strategic objectives

1. Protecting infrastructures from cyber threats.

2. Use of massive data collection to increase overall security.

3. Increased European digital autonomy.

4. Security and trust of the whole supply chain.

5. Investments in areas where Europe has a clear leadership.

6. Leveraging upon the potential of SMEs.

7. Support local competence and development.

8. Increase competitiveness.

Where we started: Objectives

5

STRATEGIC R&I AGENDA - SRIA

The SRIA defines the priorities for research, and innovation for European

cybersecurity industry in upcoming years.

EMPHASIS IS ON

1. Transform innovation and applications into new business opportunities that

help to solve the challenges that Europe (and others) are facing.

2. Bring growth to cybersecurity industry by creating new technical solutions and

services and support their deployment to both European internal market as well

as others.

6

ECSO - Purpose & objectives➢ Short term

– R&I priorities for H2020 (2018-2020 work programme);

– EU Certification & Labelling Framework

– European HR Network to foster education and training and support job growth in cybersecurity

– Increase membership (users & operators), stabilise governance

– Develop dialogue and harmonisation of objectives

➢ Medium Term

– Standardisation

– Investment funds

– Regional approach (smart specialisation & regional funds)

– Support to SMEs

– Develop awareness and cyber ranges

– Prepare for post H2020 ("FP9")

– Development of components, systems, services strategic for Europe

– Build International dialogue / cooperation

➢ Long Term

– European industry among cybersecurity market leaders in targeted sectors

– Support to business development and global competitiveness

BENEFITS for members

1. Your input into strategic political and operational documents: proposing / advocating for your own prioritiesand strategy for R&I, investment, standards / certification, legislations, etc.

2. Close collaboration with EU institutions at all level and national Public authorities

3. Participation in decision making bodies (General Assembly, Association Board, partnership Board, StrategyCommittee, Working Groups, Task Forces, etc.)

4. Participation into high-level events / workshops / conferences and representing ECSO at national / EU level

5. Networking with stakeholders from all sectors and countries

6. Direct access to 1st hand information (newsletter, collaboration platform, etc.)

7. Access to competitive R&I consortia via ECSO

8. Better understanding of business opportunities at EU and national level, in particular when linked to EUregulations, directives, norms etc.

9. Better understanding of job needs and availability in this sector: participation in the foreseen EU Network forcybersecurity job creation and education

10. Coordinated support to SMEs to develop their skills and presence in Europe

ECSO MEMBERSHIPMembership criteria

1. Legal Entity established at least in an “ECSO Country” (EU Member State, H2020 associated country or an EEA/ EFTA country).

2. A public body from an “ECSO Country”.

Categories of members

1. Large companies : cybersecurity solutions / services providers;

2. National and European Organisation / Associations (gathering large companies and SMEs) representinginterests at national or European / International level.

3. SMEs solutions / services providers directly represented; Associations composed only by SME, Startups,Incubators, Accelerators.

4. Users / Operators (where cybersecurity technology / solutions / services provision is not one their businessactivities): National public administrations or private companies (large or SMEs) directly represented.

5. Regional / Local public administrations (with economic interests); Regional / Local Clusters of public / privateLegal Entities with local economic / ecosystem development interests.

6. Public Administrations at national level (national strategy / regulatory / policy issues, incl. R&I coordination).

7. Research Centers, Academies / Universities; Associations composed only by Research Centers, Academies orUniversities.

8. Others (financing bodies, insurances, consultants, etc.).

ECSO membership

• Associations : 20

• Large companies and users: 67

• Public Administrations: 15

AT, BE, CY, CZ, DE, EE, ES, FI, FR, IT, SK, FI, NL, NO, PL,

UK + observers at NAPAC (BG, DK, HU, IE, LT, LU, LV,

PT, RO, SE, SI, MT, …)

• Regional clusters; 2

• RTO/Universities: 54

• SMEs: 47

Looking for increased membership from users /

operators

ISRAEL 2

ITALY 29

At the time of the signature ceremony of the PPP contract (5th

July 2016), ECSO counted 132 founding members. Now we are

205 organisations (on June 21st 2017, 13 new requests since

that date) from 27 countries and counting

10

European Cybersecurity Council(High Level Advisory Group: EC, MEP,

MS, CEOs, …)

ECS - cPPP Partnership Board (monitoring of the ECS cPPP - R&I priorities)

EUROPEAN COMMISSION

ECSO –Board of Directors(Management of the ECSO Association: policy/market actions)

R&I

ECSO General Assembly

INDUSTRIAL POLICY

Coordination / Strategy Committee Scientific & Technology Committee

WGStandardisation /

certification / labelling / supply

chain management

WGMarket deployment

/ investments / international collaboration

WGSectoral Demand

(market applications)

WGSupport to SMEs

and regions

WGEducation,

training, exercise, raising awareness

WGSRIA

Technical areas Products

Service areas

SME solutions / services providers;

local / regional SME clusters and

associations Startups, Incubators / Accelerators

Large companies Solutions / Services Providers; National

or European Organisation / Associations

Regional / Local administrations (with economic

interests); Regional / Local Clusters of Solution / Services providers or users

Public or private users /

operators: large

companies and SMEs

National Public Authority

Representatives Committee R&I Group /

Policy Advisory Group (GAG)

Others (financing

bodies, insurance,

etc.)

Research Centers (large and

medium / small), Academies /

Universities and their Associations

Governance

WORKING GROUPS & TASK FORCES

WG 1StandardisationCertification /

Labelling / Supply Chain Management

WG 2Market development /

Investments

WG 3Sectoral demand

(vertical market applications)

WG 4Support SME, coordination with countries (in particular

East EU) and regions

WG 5Education, training,

awareness, exercises

WG 6SRIA

Technical areasProducts

Services areas

12

Update of WGs activities

➢ WG1 (standards / certification / label / trusted supply chain)

Initial activities focus on the overview of existing cybersecurity standards and certification schemes relevant for theactivities of WG1 (SOTA – which will be public and evolve every 6 months), and the identification of the challengesrelevant for the industrial sector (COTI – which will remain an internal document). They are used as basis for ECSOrecommendations for EU certification in the Meta – Schema document.Contact: roberto.cascella@ecs-org.eu

➢ WG2 (market / funds / international cooperation / cPPP monitoring)

Initial internal work on business models (also with insurances and private funds) and funding programmes. Need tobetter identify possible priorities for international cooperation. Work with EC to better define cPPP monitoring KPIs /criteria.Contact: danilo.delia@ecs-org.eu

➢ WG3 (verticals: Industry 4.0; Energy; Transport; Finance / Bank; Public Admin / eGov; Health; Smart Cities)

State of the Art deliverable under definition, engagement with users initiated. SubWG meetings ongoing to definedetailed needs / objectives / actions. Initial meetings with different Directorate Generals at the European Commission(ICT, energy, transport, internal security, etc.) to better define technology prioritiesContact: nina.olesen@ecs-org.eu

13

Update of WGs activities

➢ WG4 (SMEs, Regions, East EU)

SMEs: discussions on other forms of support to SMEs other than R&D (e.g. EU regional funds); SME hub; cooperationwith large companies; certification issues / labelling; workforce.Regional aspects: cooperation with “EU Regions“(DG REGIO + DG CNECT + DG JRC, DG GROW, ECSO members andregions not ECSO members): identification of regional and structural funds for cybersecurity; gathering of Regions tobetter target these resources. East EU aspects to be developed soon.Contact: danilo.delia@ecs-org.eu

➢ WG5 (education, training, awareness, cyber ranges…)

SubWG meetings ongoing to define detailed needs / objectives / actions. Just started the ERH-4CYBER Network (topromote and harmonise education and training and develop job creation)

Contact: nina.olesen@ecs-org.eu

➢ WG6 (SRIA)

Informal suggestions delivered to the European Commission for the 2018 – 2020 H2020 Work Programme:organisation of the priority topics identified by ECSO in the SRIA (good acceptance of suggested priorities). Contactswith other PPPs and similar EU activities to coordinate objectives.Contact: roberto.cascella@ecs-org.eu 14

15

Mission and Objectives• Development and promotion of an ecosystem supporting SMEs business through a

structured dialogue among SMEs, large companies, investors and public authorities

• Design and implementation of a network of regions working together to take advantageof regional funding instruments enabling a wider range of SMEs, start-ups to get fundingin the early stage of business development but also to develop an interregional andcross-sectorial network mechanism to foster the cooperation in cyber risk managementbetween specialized/no specialized regions

• Participation of East EU SMEs in the development of the European cybersecurity market

Structure• SWG4.1 SMEs, start-ups and high growth companies• SWG4.2 Coordination with activities in EU countries and regions• SWG4.3 Support to East EU Members

WG4 - Support to SME's, coordination with countries & regions

16

The regional cooperation among all stakeholders is a strategic resource for:

The EU industrial policy: Cybersecurity requires coping with the fast-developing threat landscape andtechnology evolutions

A strong regional cooperation among top-class universities, research labs and private companies(both operators and providers) is instrumental in the setting of an ambitious ecosystem supportingthe quick emergence of start-ups with products / services that effectively reach the market.

The cyber risk management: Our analysis revealed that 24 clusters /regions are already investing manyhuman and financial resources in the development of cybersecurity capabilities

An interregional and cross-sectorial network mechanism should be implemented to foster thecooperation between specialized/no specialized regions (information sharing, incident response, bestpractices, trainings costs shared at regional level).

**AEI Ciberseguridad, Bavarian ICT security Cluster, Berlin ICT cluster, Brandenburg, Centro (PO), Comunidad de Madrid, Conseil Regional de Bretagne, Estonian ICTcluster, Eurotechnolgies/ Cluster Confiance Numérique et Cybersécurité, Gipuzkoako Foru Aldundia, Finnish Information Security Cluster, Hague Security Delta, Keski-Suomi, Latvian Information and Communications Technology Association, Métropole de Lyon, Network Security Monitoring Cluster, Oberösterreich, Region MidiPyrennes - Aerospace Valley, ROMSECA Federation, Sachsen, Scotland Europa, SecurityMadeinLu, Systematic Paris-Region, Wklaster - Wielkopolska ICT Cluster Pomorskie

WG4 - Support to SME's, coordination with countries & regions

17

Focus on Regions

• ECSO hosted a kick-off meeting on the role of regional cooperation on cybersecurity (29th March 2017)

• 11 regions, 4 DGs (REGIO, CNECT, GROW, JRC), 5 national public administrations and 2 industrial associations

• EC has given a global picture on EU investment mechanisms

• The dialogue revealed some common challenges: training and education, cost sharing on test industrialplatform/infrastructure, the need of information sharing on attacks and risk

Actions proposed (ref: ECSO WG4 position paper)

• Mapping regions, clusters, and SMEs’ associations in Europe with interest in cybersecurity market and thus develop

a clear view of what is the specification and added value of local/regional cooperation both in terms of industrial

ecosystem and risk management for SMEs

• Specific need on workforce development: provide information on training available at regional level in order to

facilitate the link between high level skilled students/trainees and SMEs

• Sharing the best practices of regional calls/tenders supporting SMEs and facilitating their integration in applicative

solutions tested by large groups.

• Elaborate a strategy of interregional cooperation between regions specialized in cybersecurity (e.g. Britany) and

regions with other industrial specializations ( e.g. Puglia Aerospace District) in order to share costs and capabilities

WG4 - Support to SME's, coordination with countries & regions

Become member of a unique pan-European cyber security organisation and give your direct contribution to the PPP!

www.ecs-org.eu

• Industry Proposal• SRIA• ECSO Statutes• ECSO Bylaws• cPPP contract• ECSO Membership Application Form

18