Bridging Gaps - COcyber Needs Assessment Report
This report provides a comprehensive analysis of the challenges and opportunities in fostering collaboration between civilian and defence cybersecurity sectors. As cyber threats evolve and become increasingly sophisticated, stronger partnerships between these sectors are essential to ensure national cyber resilience. The primary objective of the assessment was to evaluate key areas for collaboration, including joint cyber defence initiatives, technology sharing, crisis management, and policy alignment.
This document is produced by the COcyber partners and lead by Université Libre de Bruxelles / Solvay Business School, in the framework of Work Package 2 (WP2) "Coordination activities between cybersecurity civilian and defence spheres".
The study utilised a participatory approach, combining a quantitative survey, qualitative focus group discussions, and consultations with key stakeholders, such as representatives from European institutions (ENISA, EDA, EC), national defence ministries, cybersecurity agencies, industrial players, and research institutions. You can read more about the study methods here!
The questionnaire is still open! Are you a professional dealing with cybersecurity topics? If yes, we value your insights into our short needs assessment survey to understand how to improve civilian and defence cybersecurity sector collaboration. Your responses will feed and guide our forthcoming work via the COcyber platform for collaboration!
Introduction
Cybersecurity is a critical concern for both civilian and defence sectors, as digital infrastructures face escalating threats from state-sponsored actors, cybercriminal organizations, and disruptive technologies. While both sectors aim to strengthen cyber resilience, their approaches, priorities, and operational structures have historically remained separate. This disjointed approach limits the efficiency of cybersecurity responses and increases overall vulnerability to cyber threats.
The civilian sector focuses on regulatory compliance, industry best practices, and safeguarding private and public services, whereas the defence sector prioritizes military security, intelligence operations, and national defence strategies. These different mandates have created institutional divides, making collaboration complex. In addition, governance structures vary across national and international levels, complicating efforts to coordinate cybersecurity policies and strategies.
As cyber threats continue to evolve, addressing these disconnects has become a priority for policymakers and cybersecurity professionals. Strengthening cooperation between civilian and defence actors will enable better intelligence sharing, harmonized security policies, and coordinated responses to cyber incidents. This report presents a structured approach to enhancing cybersecurity collaboration and outlines key recommendations to improve policy integration, workforce readiness, and joint technological innovation. It aims to guide all future activities of the COcyber project so that these match the needs and expectations of the target stakeholders!
The Need for Stronger Civilian-Defence Cybersecurity Collaboration
A lack of coordination between civilian and defence cybersecurity sectors increases vulnerabilities, slows incident response times, and results in fragmented security efforts. Digital infrastructure critical to both public services and national defence is frequently targeted, yet existing policies and security frameworks do not always support joint collaboration. Ensuring greater alignment between these sectors requires stronger governance structures, harmonized policies, and shared intelligence mechanisms.
Effective cybersecurity collaboration can improve real-time threat detection, strengthen incident response, and create opportunities for technological innovation. Building trust between stakeholders, establishing clear protocols for cooperation, and fostering cross-sector dialogue are all essential to achieving an integrated cybersecurity framework. This report outlines a structured approach to achieving these goals by addressing governance gaps, creating standardized security frameworks, and developing secure information-sharing mechanisms.
Challenges in Cybersecurity Collaboration
The study identifies several critical challenges that hinder collaboration between civilian and defence cybersecurity sectors:
1. Fragmentation of cybersecurity efforts – Civilian and defence organizations follow separate policies, leading to duplicated initiatives and security gaps. The absence of a unified strategy results in inefficiencies and inconsistencies in cyber defence operations.
2. Limited information sharing – The lack of secure and trusted mechanisms for real-time intelligence exchange delays responses to emerging cyber threats. Without standardized frameworks, organizations struggle to detect and mitigate threats efficiently.
3. Skills shortage and misaligned training programs – Both civilian and defence sectors face a shortage of skilled cybersecurity professionals. However, training initiatives remain isolated, making it difficult to develop a standardized skill set that can be applied across both sectors.
4. Inconsistent cybersecurity policies and regulations – Differing national and institutional regulations create legal and procedural obstacles to effective collaboration. These inconsistencies slow down joint initiatives and complicate cross-sector coordination.
5. Lack of technological integration and dual-use innovations – Many cutting-edge cybersecurity tools could benefit both civilian and defence sectors, but limited cooperation prevents the efficient transfer and implementation of dual-use technologies.
Recommendations for Enhancing Collaboration
A strategic, phased approach is necessary to address these challenges and build a more cohesive cybersecurity framework:
Short-Term (0-2 Years): Focus on immediate structural improvements, including establishing secure platforms for structured intelligence sharing between civilian and defence cybersecurity agencies. Organizing joint cybersecurity exercises and crisis response simulations will enhance preparedness and coordination. Aligning governance structures to streamline regulatory frameworks and improve policy coherence is also critical at this stage.
Medium-Term (2-5 Years): Develop integrated training programs that bring together civilian and defence cybersecurityp professionals. These programs should emphasize knowledge-sharing and cross-sector best practices. Facilitating partnerships between industry, government, and academia will support continuous learning and skills development. Implementing shared testing and evaluation platforms for cybersecurity tools and technologies will ensure interoperability and efficiency in cybersecurity operations.
Long-Term (5+ Years): Institutionalize governance frameworks to ensure sustainable and continuous civilian-defence cooperation. This includes embedding collaboration into national and European cybersecurity policies and ensuring consistent oversight. Fostering strategic innovation partnerships between public and private stakeholders will drive the development of cutting-edge security solutions. Finally, integrating European and international cybersecurity strategies will create a unified, coordinated response to evolving cyber threats.
Conclusion and Next Steps
Cybersecurity threats are evolving rapidly, requiring a coordinated, cross-sector approach to ensure resilience. Strengthening collaboration between civilian and defence cybersecurity stakeholders is essential for improving threat detection, crisis response, and long-term strategic resilience.
The recommendations outlined in this report provide a clear roadmap for reducing fragmentation, enhancing intelligence sharing, and building a skilled workforce capable of addressing emerging cybersecurity threats. Moving forward, continuous engagement from all relevant stakeholders is necessary to institutionalize cooperation and develop a robust, future-ready cybersecurity framework for Europe. The COcyber project continues to develop and offering a varied range of activities and tools to foster collaboration of civilian and defence cybersecurity spheres; and this report is one of the backbones for this!
Download the entire report now - https://zenodo.org/records/14801460