Market

Cybersecurity market analysis and targeted research and innovation (R&I) are fundamental in meeting priorities set by regulations and achieving a common vision to further support and fund cybersecurity in the EU.  

Image
ENISA cube

Cybersecurity market analysis reveals the level of uptake of cybersecurity related products, services and processes in the market. This valuable insight is key for utilizing a variety of measures to vitalize the internal cybersecurity market, promote innovation and address market gaps.

Analysing the market resonance of cybersecurity products, services and processes is a strong indicator of their market diffusion, quality and acceptance. Nevertheless, despite past efforts to advance cybersecurity market analysis, the level of maturity in terms of scope and customization is low while market data are scarcely taken into account in the different stages of the cybersecurity development life cycle.

In line with the provisions of the Cybersecurity Act (CSA) and the focus set on developments in the cybersecurity market, particularly in certification, the European Union Agency for Cybersecurity (ENISA) aims to provide input to the Union Rolling Work Programme for European Cybersecurity Certification by addressing the market demand (Art. 47 CSA) and fragmentation, through increasing transparency, trustworthiness and competitiveness of ICT products, services and processes (Art. 4.6 of the CSA).

Building on market analysis, ENISA delivers a significant, yet novel contribution towards a targeted, market-driven decision-making process for the conception, launching and maintenance of cybersecurity products, services and processes within the EU. Activities in the field include regular cybersecurity market analyses for high-priority sectors, the deployment of the Cybersecurity Market Analysis Framework and the ENISA ad Hoc Working Group on Cybersecurity Market, along with community-building events. 

Since 2021, ENISA centers its work around the development of market analysis expertise on methods, tools and creation of expert networks. Along the way, the obtained knowledge is subject to continuous validation, adaption and dissemination through the collaborative engagement of both external and internal stakeholders.

Through its new and updated mandate under CSA, ENISA has also a reinforced role in the field of cybersecurity research and innovation. This role includes the overview of ongoing activities in research, development and assessment of technologies in the various research institutions, universities and industry. In addition, ENISA is competent to advise Union institutions, bodies, offices and agencies and, where appropriate, Member States, at their request, on cybersecurity research needs and priorities.

The Agency conducts various annual assessment activities through its Research and Innovation Observatory and maintains an ongoing and constructive dialogue with members from the various sectors of the community and industry. 

The European Union is prioritising and expanding its support towards research, expertise development and experience available in the Union through its funding efforts, particularly through its Horizon Europe (HEP), Digital Europe Programmes (DEP) and Connected Europe Facility (CEF). With regards to resources and expertise, EU has set up the European Cybersecurity Competence Centre (ECCC) and the Network of National Coordination Centres (NCCs).  

Under the ECCC Regulation, ENISA provides strategic advice and acts as a permanent observer to the Governing Board, plays an active part in the activities, cooperates and ensures synergies and provides relevant input during the preparation of the Agenda, Work Programmes and Multiannual Work Programme  (Articles 5, 8, 10, 12, 18 of ECCC Regulation EC 2021/887).