The design combined the top-down approach of the European Commission’s proposed regulation with a bottom-up approach that would actively involve greater representation from the cybersecurity community. A key aspect of the new structure was a network of Community Hubs of Expertise in Cybersecurity Knowledge (CHECKs), an environment for community-level research, innovation and capacity building in cybersecurity.

Over the course of the last year, despite the COVID-19 limitations, the process for implementing two prototypes is now well underway in the following regions:

• New Aquitaine, Occitanie and Provence-Alpes-Côte d’Azur (CHECK-T)
• Murcia

The opportunity to observe the implementation process is providing valuable insights on the needs and expectations of stakeholders as well as details, challenges and possible obstacles that will have to be considered for the further development of the CHECK concept.

The latest work has validated some of the basic postulates and assumptions through a series of interviews, clustering and analysis of responses and comparison between different approaches.

In another report, we have also continued the development and maturation of the initial design of the governance structure, based on the experience from the test CHECKs, the ongoing examination of best practices and the identification of possible legal issues including the ongoing legislative ratification of the regulation.  This especially includes the development of the concept of CHECKs as a bottom-up element in the future Cybersecurity Competence Network.

Christina von Wintzingerode, Goethe-Universität Frankfurt