WG3: Sectoral Demand and Users Committee WG3: Sectoral Demand and Users Committee (Industry 4.0 & ICS, Energy, Transport, Finance, Public Services & eGov, Healthcare, Smart Cities, Telecom, Media & Content)

Engage directly with users (operators, companies, governments) to understand cyber threats, share information among trusted peers, link supply and demand, and act as a transversal WG that defines needs of the sectors for standardisation / certification; education, training and exercises; research / technologies; local / regional initiatives.

  • 11/2020, USER COMMITTEE - Position Paper on the NIS Directive Review (download file)
  • 11/2020, USER COMMITTEE - GREEN PAPER- Challenges for CISO’s & Threat Intelligence Sharing (download file)
  • 3/2020, WG3 MEMBERS - Transportation sector report: Cybersecurity for road, rail, air and sea (download file)
  • 12/2018, WG3 MEMBERS - Position Paper - European Sector - Specific ISACs (download file)
  • 11/2018, WG3 MEMBERS - Energy networks and smart grids: Cybersecurity for the energy sector (download file)
  • 3/2018, WG3 MEMBERS - Smart cities and smart buildings sector report: Cybersecurity for the smart cities sector (download file)
  • 3/2018, WG3 MEMBERS - Healthcare sector report: Cybersecurity for the healthcare sector (download file)
  • 3/2018, WG3 MEMBERS - Industry 4.0 and ICS sector report (download file)
  • 3/2018, WG3 MEMBERS - Financial Services, ePayments And Insurance Sector Report: Cyber Security for the Finance and Insurance Sector (download file)


The European Cyber Security Organisation (ECSO), and in particular its Users Committee (UC), would like to better understand the operational needs of users/operators, the role of CISO’s, and the operational / strategic / business priorities of organisations when it comes to cybersecurity.

In collecting and analysing responses to the survey, it is the aim of ECSO to develop a short study able to inform CISO’s/Boards, industry, and (national and European) policy makers on these important matters in order to, ultimately, enhance the cybersecurity of organisations (incl. their ability to respond to threats) and drive needed cybersecurity policies, regulations and use of resources for businesses and critical sectors.

To reach this goal, we will canvass CISO’s or equivalent, i.e. C-level experts working close to CISOs or in cybersecurity responsibility positions, through a holistic survey that will be shared across the Community (starting from ECSO's UC and broader membership), complemented with telephonic interviews or video meetings.

Link to the survey

ECSO wants to engage directly with users (operators, companies, governments) to establish a true cybersecurity ecosystem, linking supply and demand. Through a dedicated Working Group on 'Sectoral demand', ECSO brings together cybersecurity stakeholders from various sectors in order to:

  • Provide recommendations on policy, technology, and strategy capacity /capability for sectors upon request of the European Institutions or other WGs. (Recommendations on the review of the NIS Directive; Input to WG1 on the definition of certification schemes, WG6 on R&I priorities; Establish collaboration with ISACs, ENISA and sectoral associations)
  • Mapping Sectoral needs and requirements (Sectoral Reports on needs and requirements; ECSO COVID-19 cybersecurity package)
  • Users Committee (Establishing trusted environment for information sharing and strategic threat intelligence among CISOs and peers from different sectors)


In September 2018, ECSO created its Users Committee (UC), a European transversal (cross-border and cross-sector) committee where Users and Operators of Essential Ser-vices (OES) can share sensitive information and strategic intelligence on cyber threats in a confidential and trusted way. The UC itself is autonomously attached to ECSO’s Working Group 3 “Sectoral demand” that represents Suppliers, Users and OES from different sectors – industry 4.0 / manufacturing, energy, transportation, finance, public services/e-government, healthcare, smart cities, and telecom/media/content.

The UC members are restricted to a network of European Chief Information Security Officers (CISOs) (or equivalent, i.e. C-level experts working close to CISOs or in cybersecurity responsibility positions) who provide strategic suggestions from a private sector and strategic operational perspective in order to tackle current and future challenges and needs for the cybersecurity solutions providers (CSSP) and more widely the cybersecurity market.

The UC has a quadruple approach to its portfolio of activities:

  • A network of European CISOs (or equivalent) across sectors and across borders
  • An open forum of exchange and discussions for lessons learned and best practices be-tween Users/OES
  • A trusted and confidential environment for strategic intelligence sharing among peers
  • Understanding of the needs, requirements, and challenges of a CISO and conveying these messages to the right actors


  • Provide Users/Operators with a space to discuss operational and security related issues in trust and confidence (understand the risks and threats by sharing non public and restricted information).
  • Share best practices, lessons learned and strategic intelligence between C level executives
  • Raise awareness among Users/Operators in general with regards to the dangers of cyber and their vulnerabilities
  • Support ECSO WG3 “Sectoral Demand” and provide recommendations for specific cybersecurity needs.

 The Working Group Chairs are

  • Charlotte Graire - AIRBUS
  • Gabriele Rizzo - Leonardo Company

The working group is segmented into the following sub-working groups:

SWG3.1: Industry 4.0 and ICS 

SWG3.2: Energy (oil, gas, electricity), and smart grids*

SWG3.3: Transportation (road, rail, air; sea, space)*

SWG3.4: Financial Services, e-payments and insurance*

SWG3.5: Public services, e-government, digital citizenship

SWG3.6: Healthcare*

SWG3.7: Smart cities and smart buildings (convergence of digital services for citizens) and other utilities

SWG3.8: Telecom, media and content 

*Priority sectors