ECSO News, WG4 - Support to SMEs, Coordination with Countries and Regions

ECSO Webinar Explored Regions’ Cybersecurity Sovereignty and Policies

28/06/2023

On 26 June, in a collaborative effort with Major Cities of Europe, EU City ISAC I4C+, and the Regional Government of Tuscany, ECSO hosted its webinar “Regions contributing to cybersecurity sovereignty”. The webinar’s main goals were to constitute the kick-start of a collective work among regions that will eventually become a community of European regions and to create some common-use guidelines that can be implemented by regional and local authorities independently of where they are established. To facilitate this, the webinar was organised as an open debate and divided into thematic sections designed to tackle the lack of cybersecurity readiness and awareness at the regional level. Each section started with a regional example and allowed ample space for participants’ input on governance models, solutions, services, methodologies and regional policies.

ECSO’s Secretary General, Luigi Rebuffi, opened the webinar with some welcoming remarks in which he accounted for ECSO’s efforts within cybersecurity of regions, these were followed by the interventions of Gianluca Vannuccini, Chief Information Officer and Director of IT Department of the Regional Government of Tuscany and Giorgio Prister, President of Major Cities of Europe/ISAC for Cities.

Over the last five years, ECSO has consistently highlighted the significance of regions and their contribution to the European cybersecurity ecosystem. Despite often being overlooked, European regions play a crucial role in shaping cohesive EU cybersecurity policies. They act as intermediaries, connecting local users, research centres, and cybersecurity solution providers with national and European stakeholders. Regions hold immense potential to bridge the gap between technology and end users, support local SMEs, and facilitate access to innovative technologies. By recognising and leveraging this potential, regions can foster a stronger cybersecurity community and promote business growth.

Today, with the rapid process of digitalisation in every aspect of our lives, citizens, companies and governments need to speed up their preparation to cybersecurity challenges. Regional governments are no exception. They carry the responsibility of bringing the advantages of new technologies to their territorial ecosystems, while protecting them from potential cybersecurity threats.

Marek Bobiš, Policy Officer of the ECON Secretariat, and Anke Schuster, MBA and Policy Officer of Digital Europe at the European Committee of the Regions, highlighted the uneven digital transformation across regions and stressed the importance of measuring digital maturity at the regional level. Nina Hasratyan, from the Cyberwal programme in Digital Wallonia, and Ege Tamm, Analyst at the Estonian Information System Authority, followed up and discussed the organisational models adopted by regional authorities for cybersecurity management and shared insights on cybersecurity measures for the target groups: industry 4.0, hospitals, and public services. They emphasised the need for a Cyber Score Barometer tool to evaluate cybersecurity readiness in regions.

During the final two sections of the event, Oliver Schwabe, from Major Cities of Europe and Chair of EU City ISAC I4C+, furthered the discussion on implementing technologies to structure and safeguard regional intranets. A key message given was that, enhancing technology, infrastructure, and providing user training and awareness sessions for elected officials are crucial aspects in this regard. Leonardo Borselli, Chief Information Security Officer (CISO) of the Tuscany Region, shared valuable insights on effective methodologies for risk analysis, protection, prevention, and incident response in regional contexts. Tiphaine Leduc, Cybersecurity coordinator at Bretagne Development Innovation, and Ines Gergoric, Senior Advisor at the Department of Development and Education of the Chamber of Commerce and Industry of Slovenia, also provided remarkable input on regional policies related to cybersecurity with the focus on training and skills and the need for public-private partnerships in the cybersecurity sector. The panellists shared their experiences and insights with adequate examples, grabbing the focus of the audience that actively participated in the discussions and contributed their questions to enrich the event.

To foster such cooperation, ECSO also has an initiative known as the European Digital Innovation Hubs (EDIHs) consisting of a strong European network of regions to promote cross-border collaboration, expertise and services on digital transformation, especially for SMEs and Public Administrations. Consequently, European cybersecurity community building is unimaginable without the contribution of the regions and the interconnection of their actors.

ECSO takes pride in fostering collaboration among regions in the field of cybersecurity and actively contributing to their increased sovereignty within this domain. Recognising the significant role that regions play in the European cybersecurity ecosystem, ECSO is committed to strengthening these ties further. By empowering and uniting regions, ECSO aims to enhance their capabilities, promote knowledge exchange, and collectively build a resilient and secure European cybersecurity landscape.