| NOTAS: | "The online Digital Single Market (DSM) is in increasing jeopardy from various forms of cyber-attacks. The need for a strong and effective EU Network and Information Security (NIS) Industry becomes two-fold; on the one hand the DSM needs NIS protection for commercial services, critical infrastructure and the everyday life of its citizens, who depend on online services. On the other hand, the DSM
offers opportunities and tools that can facilitate the growth of the EU NIS Industry. Growth of the NIS industry can occur with direct benefits in terms of revenue for NIS suppliers, growth of the EU GDP and boost of employment in the cybersecurity sector; the latter is of particular importance considering that cybersecurity is one of the faster growing segments of the ICT industry. To achieve this, innovation in cybersecurity is a key enabler. ENISA supports the efforts aimed to enhance the overall level of cybersecurity in the Member States (MS) both at a national and EU level. This report supports that effort by analysing how Member States are approaching innovation as a strategic priority under National Cyber Security Strategies (NCSS). The analysis is structured around several aspects of innovation such as: Innovation Priorities, Industrialisation and Collaboration and Market and Policy. Each of these aspects is at the same time divided into two dimensions. Innovation priorities can be divided into Innovation in technologies and services, and into economic incentives and investments. Industrialisation and collaboration can be divided into industrialisation processes and activities, and stakeholders’ collaboration. Market and Policy can be divided into Market and Technology Alignment and Market regulation. Each dimension can be supported by several activities and mechanisms. Moreover, this study identifies a set of challenges and good practices, as experts perceive them, across the different innovation dimensions. The identification of these challenges may help in identifying relevant actions for addressing them and also in drafting future innovation strategic objectives. Finally, this report identifies seven recommendations that can be taken into account both at National and EU level to support the development of cybersecurity innovation strategies and enhance their impact: 1. Support and develop sector specific innovation priorities. 2. Support sufficient and adequate level of funding. 3. Involve stakeholders while developing and implementing innovation strategies. 4. Take into account the positive impact of regulatory frameworks on innovation. 5. Support industries in positioning new cybersecurity offerings in the market 6. Promote EU level certification of services/products. 7. Promote NIS training and educational measures. These recommendations form a roadmap for enhancing innovation on cybersecurity under NCSS. Stakeholders who are involved in defining national cybersecurity strategies may take into account the results of this study, in particular, may take into account the identified challenges, good practices and suggested recommendations." |
