COcyber Batch #3 Ambassadors in the Spotlight: Christos Xenakis

With its third batch now underway, the COcyber Ambassador Programme continues to expand the network of professionals supporting stronger civilian-defence cybersecurity cooperation in Europe. Since its launch, each of the three cohorts has brought new expertise, perspectives and connections, helping to broaden the project’s outreach and reinforce dialogue within the cybersecurity community.

As Batch 3 approaches the final stage of its six-month ambassadorship, we are introducing the professionals who have helped carry this work forward. In this article, we spoke with Christos Xenakis, Professor at the University of Piraeus, about his background, his perspective on European cybersecurity, and his reflections on the COcyber Ambassador experience as the journey comes to an end.

Q: Who are you, and what is your professional background?

I am a Professor in the Department of Digital Systems at the University of Piraeus, Greece, and Director of the Postgraduate Programme "Cybersecurity and AI Technologies". I hold a B.Sc. in Computer Science, an M.Sc. in Telecommunications and Computer Networks, and a Ph.D. from the Department of Informatics and Telecommunications at the University of Athens. My experience includes telecom systems development and long-standing involvement in the Communication Networks Laboratory at the University of Athens.

I have coordinated multiple EU-funded cybersecurity projects, and have served as technical manager of cPAID and UINFC2. I am a member of the steering committee of the European Cyber Security Challenge (ECSC) and lead the Hellenic Cyber Security Team. I also work on the editorial boards of Computers & Security, Computer Communications, and The Computer Journal. My research focuses on systems, network, and application security, with more than 130 peer-reviewed publications.

Q: Since when and how are you involved in the European cybersecurity sector?

I have been actively involved in the European cybersecurity sector for nearly two decades. Over the last 18 years, I have been teaching cybersecurity to both undergraduate and postgraduate students. I am also the founder and director of a cybersecurity master's programme that has been continuously running in Greece for the last 17 years, having successfully graduated over 560 students and contributing to the growth of the cybersecurity workforce.

Beyond academia, I have participated in over 65 research and development projects funded by the European Union and the Greek state, focusing on the advancement of cybersecurity technologies and solutions. As a steering committee member of the European Cyber Security Challenge and captain of the Hellenic Cyber Security Team, I am engaged in competitive cybersecurity at the European level. I also founded the Greek National Cybersecurity Student Competition and the Hellenic University Hack.

Q: From your perspective, what are the main challenges in the collaboration of the civilian and defence cybersecurity sectors in Europe?

The collaboration between the civilian and defence cybersecurity sectors faces several challenges: one of these lies in different strategic goals, as the defence sector is primarily focused on national security, under strict protocols and high levels of secrecy, while the civilian sector is concerned with protecting public and private infrastructure, data privacy, and ensuring the resilience of critical sectors such as finance and healthcare. These differing priorities sometimes hinder collaborative efforts, as each sector tends to focus on its own security needs without fully understanding the priorities of the other.

Regulatory differences create a further barrier. Defence cybersecurity operations are typically governed by national security laws and military directives that can be highly classified, while civilian cybersecurity is generally governed by EU regulations such as the NIS Directive and GDPR. These differing legal frameworks impede joint operations.

Cultural differences also play a significant role. The defence sector often operates with a hierarchical, secretive structure, while the civilian sector is characterised by more open, collaborative practices driven by public-private partnerships, research innovation, and market-driven solutions. These differences can lead to mistrust and difficulties in establishing common ground. 

Q: Again, from your perspective, what are the most crucial steps to address these challenges and strengthen Europe's joint digital safety efforts?

Addressing these challenges requires a multi-faceted approach that emphasises innovation, training, and education as its three critical pillars.

On innovation, encouraging joint research and development initiatives that focus on the integration of civilian and defence cybersecurity should be a priority: the EU should invest in cross-sector innovation hubs where experts from both sectors can co-develop new technologies, particularly in emerging fields such as AI, machine learning, and quantum computing.

On training, a unified cybersecurity framework should be established at the European level, including specialised courses designed to train professionals across both sectors. Creating an EU-wide certification programme would help standardise qualifications and ensure that both civilian and defence entities have access to a shared pool of well-trained experts. 

On education, cybersecurity principles must be embedded within all levels of society, from primary and secondary education to specialised university programmes and public awareness campaigns. Strengthening general public awareness can have a significant impact on reducing the vulnerability of Europe's digital infrastructure.

Q: Did your experience as a COcyber Ambassador align with what you expected at the beginning, and what are your key reflections now that the journey is ending?

My experience as a COcyber Ambassador was broadly in line with my expectations. The programme provided a useful opportunity to engage with professionals from across Europe and to contribute to discussions on civilian-defence cybersecurity cooperation. I appreciated the emphasis on knowledge exchange, awareness raising, and strengthening links between communities that often approach cybersecurity from different perspectives. 

The project’s work and outcomes have helped highlight both the complexity and the importance of building trust, shared understanding, and practical collaboration in this field. As the ambassadorship concludes, I consider COcyber a valuable initiative that has contributed positively to the wider European cybersecurity dialogue.