From 2020 into 2021: CyberSec4Europe’s Year in Perspective

davidgoodmanGeneral News

31 December 2020

From 2020 into 2021: CyberSec4Europe’s Year in Perspective

Never before at the end of a year have I have received as many good wishes for a “better” next year as this time. Obviously, 2020 was not a good year considering the criteria we are used to.

Almost everybody has been hit by the COVID-19 pandemic, some much harder than others. Most plans made at the beginning of 2020 could not be implemented as expected. Several had to be rewritten to preserve their goals or at least some of them. How did we fare in European cybersecurity and in CyberSec4Europe? Moreover, what does that mean for 2021 and beyond?

Clearly, most of our meeting plans had either to be shredded or thoroughly rewritten. We can be thankful, that the CyberSec4Europe Public Event on the evening of 24 February 2020 and the General Meeting around it had not been scheduled for two weeks later. Then we would have been hit by a more or less spontaneous lockdown. On 24 February probably only our Italian colleagues, some of them hindered from travelling to Brussels already then, could possibly imagine the extent of the pandemic and its impact. The rest of us enjoyed a fruitful meeting with good results and an exciting live panel on governance and other issues regarding the Cybersecurity Competence Network. Moreover, we enjoyed the exciting atmosphere of an inspired post-panel reception hosted by the Hessen Representation in Brussels. It was a vibrant convocation of a cybersecurity community growing way beyond the CyberSec4Europe project partner representatives and looking forward to the next public event in July at the same place.

Then the pandemic hit. The COVID-19 page on the project website shows early reactions and answers based on progressed digitalisation of the work.

While first we hoped to do physical events again later in the year or at least some hybrid events, the events had to become virtual only. Virtual public events, like the public panel on 9 July and the CONVERGENCE event in December together with our fellow pilots, indeed showed that a major share of the existing community and additional people could gather – and did gather – to present and discuss the progress of the Cybersecurity Competence Centre and Network.

Moreover, we passed the first periodic review very successfully after hosting the virtual review meeting on a European-hosted Open Source platform (the predecessor of the Big Blue Button that later served CONVERGENCE very well). Maybe this review meeting was even the first organised in this way, but we definitely put our hands where our mouths are when we are talking about European digital sovereignty. In that spirit, all the many deliverables, on governance, research, road mapping, demonstrator use cases, capability building, certification, validation, standardisation, outreach and community building, were delivered despite the unexpected conditions and in high quality.

At the same time, the outgoing Croatian and incoming German EU Presidencies in trilogue with the Parliament and the Commission progressed negotiations towards an agreement between Council and Parliament, a major and welcome result given the need for more cybersecurity progress and hence the new entity. The Council web page has the final compromise text. In addition, the seat of the new centre was agreed: congratulations go to Romania, especially Bucharest, for their successful application.

So work has not stood still, results have been produced but questions remain:

  • Can we say that we achieved the same in virtual meetings and other gatherings that we would have done under the conditions of the “old normal”?
  • Have we laid the basis for a thriving community improving European cybersecurity while preserving European values, e.g., open and free dialogue?
  • Will the new EU body have a strong soul?
  • Will it exist in an EU, whose digital sovereignty is strong enough to shape the future? There are promising elements, but only the future will really tell.

Certainly, there is more work to do, especially for pilots such as CyberSec4Europe. The upcoming European regulation will need a lot of underpinning by:

  • A lively community and ecosystem progressing the many initiatives to be coordinated by the Competence Centre and Network;
  • An active centre in Bucharest profiting from a governance that now needs to be further developed based on the regulation;
  • Pilot activities to try out the new opportunities.

Therefore, while a lot of work and achievements, especially considering the conditions, are behind us, more interesting work lies ahead, some of it to be done under lockdown conditions as we can see already now. Still one can profit from the deliverables and contributions by CyberSec4Europe, and the work will lead to more of them in 2021 including the First Flagship Challenge Exercise on 12/13 January.

Eventually we will know how strong and robust the community will be. Its foundations had to be created under circumstances that were not friendly to live communities and yet triggered many efforts to overcome the new and unexpected challenges. Even if there would have been nothing else, that kind of resilience and effectiveness gives good hope for 2021 and the future of the Competence Centre and Network.

2020 was a difficult year for everyone and we came through it – together – with flying colours; and together we can look forward to interesting and exciting new challenges in 2021.

A happy, healthy and safe New Year to everyone!!

Kai Rannenberg, CyberSec4Europe Co-ordinator