Strengthening Synergies in Defence and Civilian Cybersecurity
Creating, gathering, analysing, enhancing, and disseminating vital cybersecurity knowledge, policy recommendations, best practices, and innovative strategies to civilians and militaries within the European Union cybersecurity framework.
Up Next
Training Programme
Created by Risk Sight
Hosted by Constanta Maritme University
This premier training session is designed to equip participants with the knowledge and skills needed to strengthen shared situational awareness between the civil and defence sectors in cybersecurity.
The session explores key steps in achieving this goal, beginning with an understanding of threat intelligence, followed by best practices for information sharing, and culminating in the fundamental pillars of a successful sharing network. When effectively implemented, these elements foster shared situational understanding, which, in turn, enhances shared situational awareness across sectors.
This training session is designed for high-level professionals operating either at the operational or strategic level. Although technical-level participants are welcome, they are not the core focus of the training audience.
Recent Action
Webinar
Organised by The Euro-Atlantic Resilience Centre
The Role of Multi-Stakeholder Expert Networks in Enhancing Cyber Security
14th of April 2025 | On-line event
Having built on the conclusions of the first webinar, Cybersecurity as a Means of Enhancing Cross- Sector Operability in the EU, which has set the stage for a series of discussions and collaborations, aiming to foster a robust dialogue among key stakeholders, including policymakers, cybersecurity professionals, and sector leaders, to explore the pivotal role of cybersecurity in facilitating seamless and secure collaboration between defence and civilian infrastructures, this webinar has targeted the expansion of the ECYBRIDGE network and the subsequent bridging of the existing bonds that have been built in this shared cyber space during all the project activities implemented so far.
In the context of cybersecurity acknowledged as a “shared responsibility” and of a European Union that “strives for cross sectoral, all-inclusive framework for cooperation”, as underlined in ”A Trusted and Cyber Secure Europe. ENISA Strategy”, published in October 2024. The new strategy aims, among others, at: “the continuing enhancement of cyber resilience across critical sectors in the EU, addressing gaps, new risks for the Union and emerging threats, by supporting coordinated risk evaluations and resilience stress tests” and this webinar has contributed to this wider target.
This event brought together high-level civilian and military experts who shared some of their knowledge on the role of multi-stakeholder expert networks in enhancing cyber resilience. Besides the 3 moderators, the 19 speakers represented 10 countries, namely: Albania, Belgium, Bulgaria, Canada, Cyprus, Estonia, Greece, Poland, Romania, The United States of America, out of which 7 EU member states.
This webinar benefited from 239 registered participants and welcomed over 150 participants representing more than 28 countries in the European Union and beyond, underlining a strong degree of diversity. Not only was this diversity reflected in the broad geographical representation, but also in the range of sectors present — including international entities such as: the Council of Europe, NATO Cooperative Cyber Defence Centre of Excellence, European Centre for Information Policy and Security, NATO Crisis Management and Disaster Response Centre of Excellence, NATO Headquarters Multinational Division South East, RACVIAC Centre for Security Cooperation, CRDF Global, as well as EU Advisory Mission Ukraine, EU Permanent Mission to EU Border Assistance Mission in Libya, academia, governmental entities, NGOs, the private sector and more.
Initiatives and Actions
International Conferences
Facilitating rigorous academic, professional, and policy-driven discussions by bringing together thought leaders, industry experts, and stakeholders.
3-5 December 2024
Organiser
Constanta Maritime University, Romania
9-11 December 2025
Anchoring Cyber Resilience: Cybersecurity Strategies for a Unified Digital Europe
Organiser
Constanta Maritime University, Romania
Workshops
Fostering in-depth, hands-on engagement and practical knowledge exchange by convening thought leaders, industry experts, and stakeholders for collaborative learning and skill-building sessions.
24 October 2024
Organiser
National Defence University, Romania
16 January 2025
Organiser
Euro-Atlantic Resilience Centre, Romania
August 2025
Harmonising Cybersecurity: Bridging Civilian and Defence Paradigms
Organiser
The National Institute for Research and Development in Informatics, Romania
January 2026
Digital Unity in Europe: Futureproofing Against Next-Gen Cyber Threats
Organiser
Constanta Maritime University, Romania
Tabletop Exercises
Enhancing cybersecurity preparedness and collaboration by evaluating and improving incident response procedures through real-world scenarios.
22-23 October 2024
Organiser
The Romanian National Cyber Security Directorate, Romania
8-9 October 2025
Mitigating future threats in a Unified Digital Europe
Organiser
Euro-Atlantic Resilience Centre, Romania
White Papers
Synthesising insights from the project to provide actionable recommendations for enhancing EU cybersecurity measures and collaboration, while fostering understanding among stakeholders.
Training
Equipping participants with the knowledge and skills to enhance their organisation’s security posture and unify approaches across sectors and industries.
13-15 May 2025
Designed by
RiskSight, Estonia
Hosted by
Constanta Maritime University, Romania
August 2025
Common and Coordinated Efforts (Incident Response & Management
Organiser
RiskSight, Estonia
November 2025
Applying NIS2 related regulations/implications to the Military Domain
Organiser
RiskSight, Estonia
February 2026
Courses of Action & The Decision-Making Process
Organiser
RiskSight, Estonia
Roundtables
High-profile and timely events that brings together experts, policymakers, industry leaders, and cybersecurity professionals from across Europe to discuss the current cybersecurity
22 May 2025
Overview of the Current Cybersecurity Dynamics in the European Landscape
Organiser
Euro-Atlantic Resilience Centre, Romania
May 2026
Harnessing Emerging Technologies in Strengthening European Unity
Organiser
Euro-Atlantic Resilience Centre, Romania
About The ECYBRIDGE Initiative
The ECYBRIDGE project, under the Digital Europe Programme (DIGITAL-ECCC-2023-DEPLOY-CYBER-04), aims to create a comprehensive and cohesive approach to cybersecurity by fostering collaboration between civil and defence sectors, with the potential to significantly enhance Europe’s cyber resilience.
Recognising the intertwined nature of these sectors in today’s digital landscape, this project seeks to enhance exchange and collaboration between the cybersecurity civilian and defence spheres. By doing so, it cultivates a cohesive strategy that significantly increases Europe’s resilience against emerging cyber threats, providing a sense of security and protection to all stakeholders.
Cybersecurity meant and conducted in isolation is no longer adequate, as most threats are interconnected, with the boundaries between the civil and military sectors frequently blurred. To achieve increased security efficiency in cyberspace, we aim to adopt a converged approach involving all relevant stakeholders and actors. This will involve building an efficient defence synergistic mechanism that begins with mutual understanding and a shared vision, and concludes with common mechanisms and tools.
Recognising that cybersecurity is central to the safe digital transformation of the European Union, ECYBRIDGE is positioned to align with existing EU cybersecurity, defence, and research frameworks, as well as the themes and priorities of the European Defence Fund, Horizon Europe, and Digital Europe in the digital realm. Serving as a conduit for ideation and exploration, it also aims to offer a collaborative platform, paving the way for advanced cybersecurity solutions within the EU.
A Strategic Perspective for Strengthening Synergies in Defence and Civilian Cybersecurity in the EU
To effectively combat the complex and evolving landscape of cyber threats, it is imperative to adopt a strategic perspective that strengthens the synergies between defence and civilian cybersecurity within the EU. By integrating efforts across these sectors, the EU can reinforce a robust and cohesive cybersecurity framework, as outlined in the EU Cybersecurity Strategy adopted in 2020, thereby enhancing Europe’s resilience and preparedness.
The EU Cybersecurity Strategy focuses on safeguarding critical civilian services, such as hospitals, electricity networks, and trains, as well as securing the growing number of interconnected devices in residential, commercial, and industrial settings. Furthermore, it places great importance on the enhancement of shared capacities to address major cyberattacks and promotes cooperation with foreign allies to guarantee worldwide security in the digital realm. (https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-policies)
The objective of the Strategy is to ensure a global and unrestricted Internet while implementing robust measures to mitigate security threats and protect the fundamental rights of citizens across Europe. Building on the progress achieved in prior strategies, this vision introduces specific ideas to implement three primary tools: regulatory measures, investment efforts, and policy activities. (European Commission, 2020)
These instruments are designed to enhance resilience, technical independence, and leadership within the EU. By focusing on strengthening operational capabilities, the Strategy aims to prevent, deter, and respond effectively to cyber threats. Additionally, the Strategy emphasises the importance of fostering collaboration to advance a global and inclusive cyberspace. This collaborative approach ensures that all stakeholders, both within and outside the EU, work together to create a secure and open digital environment for everyone. (European Commission, 2020).
In response to the increasing occurrence of cyberattacks, espionage, and disinformation efforts explicitly targeting the EU and its Member States, the European Commission and the European External Action Service proposed a new EU Cyber Defence Policy in 2022. This policy aims to strengthen collaboration and investment in cyber defence to enhance the Union’s ability to prevent, detect, and deter intrusions.
The EU Cyber Defence Policy is organised into four primary pillars, encompassing a wide range of measures aimed at assisting the EU and its Member States. These pillars include a focus on collective action for a more robust EU cyber defence. Enhancing coordination mechanisms among national and EU cyber defence bodies is critical to strengthen collective action. This involves improving information exchange and collaboration between military and civilian cybersecurity communities, as well as providing more significant support for military Common Security and Defence Policy (CSDP) missions and operations. (European Commission, 2022)
Securing the EU defence ecosystem is another key aspect of the policy, emphasising the importance of enhancing cybersecurity standardisation and certification to protect both military and civilian domains. This is crucial as even non-critical software components can be targeted for cyber-attacks on enterprises or governments, including within the defence sector. (European Commission, 2022)
The policy also mandates Member States to make substantial investments in advanced military cyber defence capabilities, with a focus on fostering collaboration. This will be achieved by utilising EU cooperation platforms and funding mechanisms, including PESCO, the European Defence Fund, Horizon Europe, and the Digital Europe Programme. (European Commission, 2022)
ECYBRIDGE Priotities
Cyber threats are inherently interconnected, impacting both civilian and military domains. The blurring of lines between these sectors necessitates a unified approach to cybersecurity. Threats can originate from a variety of sources, including state actors, organised crime, and independent hackers, targeting critical infrastructure, communication networks, and data repositories. Recognising this interconnected nature is crucial for developing comprehensive defence strategies that protect all facets of society.
An attack against private critical infrastructure can significantly impact military operations that rely on that infrastructure. Conversely, an attack on a military network can disrupt civilian systems and services that are interlinked with defence operations. This reciprocal vulnerability underscores the importance of a cohesive cybersecurity strategy that addresses the needs and interdependencies of both civilian and military sectors.
Strengthening the EU’s strategic autonomy in cybersecurity is essential for protecting its digital sovereignty. By developing independent capabilities and reducing reliance on external technologies, the EU can ensure greater control over its cybersecurity infrastructure. Additionally, by setting high standards and best practices, the EU can position itself as a global leader in cybersecurity, influencing international norms and fostering global partnerships that enhance collective security.
Efficient utilisation of resources is essential for strengthening cybersecurity. By pooling resources and expertise from both civilian and defence sectors, we can achieve a higher level of protection and operational efficiency. This approach involves sharing intelligence, technology, and best practices, which can lead to more informed and effective defence strategies.
Collaborative training programmes and joint exercises are crucial for enhancing the skills and preparedness of personnel across both sectors. These initiatives ensure that all stakeholders are equipped to respond to cyber threats in a coordinated and timely manner. By fostering a culture of cooperation and continuous learning, we can build a more resilient and responsive cybersecurity posture that benefits both civilian and military domains.
Developing unified response mechanisms is critical for effectively addressing cyber incidents. This involves establishing standardised protocols and communication channels that facilitate swift and seamless coordination between civilian and military entities. A unified response ensures that all relevant stakeholders are promptly informed and can act in a coordinated manner to mitigate threats, thereby reducing the impact of cyber incidents on national and European security.
Such mechanisms will enable real-time information sharing and collaborative decision-making, which are essential for a rapid and effective response. By integrating the efforts of various sectors, the EU can ensure a comprehensive approach to incident management, enhancing the overall resilience and security of both civilian and defence infrastructures.
Aligning policies, strategies and regulations across the EU is vital for a consistent and effective cybersecurity strategy. Harmonised regulations eliminate gaps and reduce redundancies, making it easier to implement and enforce cybersecurity measures. Policy coherence ensures that all sectors adhere to the same standards, facilitating cooperation and information sharing. It also supports the development of a unified legal framework that addresses the complexities of cyber threats.
Public-private partnerships are instrumental in creating a robust cybersecurity ecosystem. Engaging the private sector brings additional expertise, resources, and innovation to the table. These partnerships enable the sharing of threat intelligence, the development of advanced cybersecurity technologies, and the implementation of effective defence strategies. Collaboration with industry leaders ensures that cybersecurity measures are comprehensive and that the private sector is actively involved in protecting critical infrastructure and data.