Cybersecurity threats know no borders and are becoming more and more sophisticated.
In a fast changing world, increasingly dependent on digital services, breaches in cybersecurity are a threat to governments, businesses and citizens. They not only cause damages and costs. They also undermine trust of internet users.
The EU is investing in answers to these challenges. Its Digital Single Market Strategy is flanked by the EU Cyber Security Strategy (2013) and the Network and Information Systems Directives.
With these challenges, however, comes opportunity. Europe 2020 is designed to ensure that the EU economy addresses today’s main challenges, while promoting competitiveness. Cybersecurity fits into this aim. It presents an opportunity for SME competitiveness. If policy can help SMEs to overcome a series of barriers, SMEs can take advantage of the cybersecurity market as it expands at an astonishing rate.
CYBER overall objective is to boost competitiveness of cybersecurity SMEs, thanks to improved public policies. It involves public authorities that can help knock down barriers of market fragmentation, lack of coordination of regional actors and lack of skills. The innovation ecosystem is the thread that runs through CYBER’s suggested policy improvements.
Interregional cooperation is key to identifying solutions and moving towards a more integrated cybersecurity market. CYBER uses a series of interregional events and connects stakeholders to address common barriers to an interregional problem.
Thanks to policy improvements that help to create and strengthen innovation ecosystems, CYBER achieves improved competitiveness of EU cyber SMEs.
Medium-term results are to reduce fragmentation and ensure greater coherence between offer and market demand, with a chance to build up skills and merge competences. In the long term, by making the digital world safer, CYBER contributes to the development of the EU digital market.
Brittany’s Investment for Growth and Jobs Programme ROP 2014-2020 aims to strengthen the coherence between investment and structural reform priorities. It focuses on the need to promote growth and employment to achieve Europe 2020 objectives.
The overall goal of Axis 2 «Developing Bretagne's economic performance through support to research, innovation and enterprises» is to support the competitiveness and economic performance of the region. Axis 2 has three main objectives: 2.1 Reinforce the competitiveness of Breton R&D in the European Research Area; 2.2 Improve the innovation capacity of Breton SMEs; 2.3 Increase the production potential of Breton SMEs.
Specific actions aiming to increase the competitiveness of SMEs include support to industrial innovative projects (2.2.3), to collaborative research projects (2.2.2) and to SMEs in all stages of their development (2.3.2).
According to the ROP, support for SMEs should be consistent with the RIS3, which includes cybersecurity as a strategic innovation area. In addition, specific actions and tools should be designed and implemented according to emerging needs or to a specific sector.
Considering the rapid growth of this industry and the increasing number of SMEs active in in this market, current actions should be improved and new approaches developed to better address the needs of regional SMEs (i.e. collaboration with research and Large Companies, access to larger markets, access to funding) and help them be more competitive.
Thematic objective 3 of the 2014-20 ERDF Operational Programme (OP) of Castilla y León aims to improve SMEs competitiveness in the region.
The main aim of the measures within objective 3 is to foster the entrepreneurial spirit and SME development in cybersecurity, through advanced support services and facilities. This will help SMEs to grow, collaborate, consolidate and gain international markets.
The following specific objectives are relevant to the topic addressed by CYBER: OE.3.1.2. creation of new enterprises and business incubators with improved access to funding and advanced support services; OE.3.4.2 promotion of innovation and cooperation to foster innovation in all sectors; OE.3.4.3. SME internationalisation.
These measures foster entrepreneurship in ICT, including the development of cybersecurity solutions through support for business creation and growth. They support increased usage of ICT tools in SMEs through technological investments / advanced technical services.
Based on the RIS3 analysis, it is necessary to deepen some structural elements (RTD infrastructures, clusters) to improve the incorporation of innovation in SMEs. Weaknesses refer to difficulties in reaching SMEs and low number of entrepreneurs. It is necessary to work on measures of the OP to reinforce competitiveness, foster the creation of new businesses and stimulate business growth from SMEs to Mid-Cap companies, providing more targeted support to SMEs active in the cybersecurity spectrum.
The Tuscan ROP 2014-20 and the regional RIS3 are implemented in a policy framework that, for ICT related topics, also includes the Digital Agenda and the Regional Industry 4.0. Strategy. In the framework of its RIS3, Tuscany Region (RT) built up this strategy to spread Industry 4.0. to SMEs and enhance SME integration in global value chains. All these strategies are implemented through the financial instruments of the ROP, which is the policy instrument tackled by CYBER. The focus will be Axes 1 and 3, considering measures 1.1.5 innovation, 1.4.1 innovative start-ups, 3.1.1 investment support and 3.5.1. support for new enterprises.
Through these axes, SMEs receive financial support to develop innovation projects in products, services, or business processes and for investments to increase competitiveness. Beneficiaries include the many SMEs operating in the IT sector in Tuscany and the many SMEs that could benefit from better cybersecurity systems. Following the Industry 4.0. priorities, and thanks to the new cybersecurity network (with relevant stakeholders and new structures), actions focused on cybersecurity will be piloted in the ROP.
The ROP could be improved through:
- specific measures for competitiveness targeting cybersecurity;
- more market oriented approach;
- interaction between clusters in emerging and consolidated sectors, to promote coordinated action for cybersecurity (in line with the ecosystem concept), while promoting market opportunities for SMEs.
Digital Wallonia is the strategy and platform that reunites all the ICT actors of the region (500M€ budget). It was created by the regional government to boost the role of Wallonia as a centre for excellence in the sector.
Strategic objective 1.1 focuses on developing a growth programme for companies in the digital sector.
It is divided into the following axes:
1.1.1. Structure, streamline and animate the digital ecosystem.
1.1.2. Facilitate access to finance at each stage of the business life cycle.
1.1.3. Stimulate the growth of start-ups and SMEs through public action.
1.1.4. Strengthen research dedicated to digital technology and facilitate its transmission to businesses.
Strategic objective 1.2 focuses on the development of the digital sector’s international dimension, with an axis aiming to accelerate growth of champions in the digital sector abroad (1.2.1).
The strategy has 50 measures, of which 2 active measures focus on cybersecurity:
1) To stimulate SMEs to consider cybersecurity in their business, through a catalogue of services supported by regional funding;
2) To set up a label system for cybersecurity.
One of the main challenges identified by AdN is that the two sides of the market (SMEs interested in cybersecurity services/products and cybersecurity SMEs) will have to be reinforced in parallel, building on the work done within the Digital Wallonia strategy. The strategy should be improved also to reach more SMEs and build awareness on cyber-related topics.
Linked to Slovenia’s RIS3, Digital Slovenia 2020 (2016) lays down Slovenia’s key strategic development goals for the Information Society. It combines the Next-Generation Broadband Network Development Plan and the Cyber Security Strategy into a unified strategic framework. The Cyber Security Strategy is the policy addressed by CYBER. Its implementation is funded from the state budget and the Slovenian OP - EU Cohesion Policy 2014-20.
The Cyber Security Strategy has 8 Objectives. Objective 3 refers to cybersecurity in the Economy, with 2 areas of intervention:
1.Measures to foster research, development and innovation in the field of cybersecurity;
2.Awareness raising measures about cybersecurity among companies.
R&D projects should support industry digitalisation and help upgrade the cybersecurity system. Improved cooperation between business and academia is envisaged. The aim is to create a critical mass of cybersecurity experts and foster public-private partnerships, to develop innovative products / services with high market value in Slovenia and abroad.
Standards for cybersecurity will be developed and their implementation will be enforced.
3 main weaknesses have been identified, and are the reason why participation in CYBER is important:
1.specific characteristics of SMEs are not addressed;
2.there is a lack of resources and need for strategies to leverage further funding;
3.collaboration between stakeholders should be enhanced to improve market access / competitiveness.
The instrument addressed is the Cyber Security Strategy (to be reviewed in 2018), and connected policy instruments: Digital Agenda 2020 for Estonia and Estonian Entrepreneurship Growth Strategy 2014-2020. The Cyber Security Strategy Action Plan has a budget of 16 million € and it is partly funded through the ERDF. The specific support measure to be targeted by CYBER is the ERDF funded measure for Establishment of Technological Development Centres.
The aim of the policy and support measure of technological development centres is to promote R&D, development of technology and innovation and to improve competitiveness.
The strategy intends to implement nation-wide robust cyber security measures, enhancing information security competence and awareness, developing legal framework and advancing international cooperation. It creates a viable cybersecurity sector with export capacity, addition of new skills, new solutions commissioned by the Government.
The Cyber Security Strategy currently places little focus on concrete measures supporting domestic enterprises that offer cyber security solutions. It should be improved to ensure better coordination for R&I between SMEs, larger enterprises, academia, civil society and Government and better dissemination of information regarding funding opportunities, which include ERDF funding, Horizon 2020 calls and state allocations through creation and management of cybersecurity focused innovation hubs (Technological Development Centres).
The policy instrument tackled by CYBER is the Slovak Operational Programme Research and Innovation 2014 – 2020, Priority Axis 3, Enhancing the competitiveness and growth of SMEs.
This axis is divided in 3 measures, all relevant to CYBER: 3.1 Enhancing the growth of new competitive SMEs, 3.2 Growing internationalisation of SMEs and increased use of the possibilities offered by the EU Single Market, 3.3 Increasing SME competitiveness at their development phase.
Particularly relevant is the SBIR scheme (Small Business Innovation Research) that supports the exploitation of new ideas in the economy. It aims to foster SME competitiveness and to support entrepreneurs that find themselves in the death valley, where the risk of failure of a business is so high that they are not able to obtain funds from banks or investors. The existing forms of sectorial support (i.e on cybersecurity and the digital economy) are limited and uncoordinated and do not help overcome this barrier.
The OP aims also to create a comprehensive system of support for internationalisation of SMEs to contribute to eliminating existing barriers (high costs, lack of knowledge of the market, regulatory burdens, and insufficient capacity) through more targeted fund. In order to increase added value and productivity, the OP recognises the importance of inter-sectoral cooperation. The idea of an innovation ecosystem focused on a specific topic, such as cybersecurity is in line with the foreseen OP improvement.