Towards an Operational and Resilient Cybersecurity Ecosystem in Lithuania
Lithuania has built a centralised, defence-led governance model developed by the Ministry of National Defence and the National Cyber Security Centre (NCSC) that has enabled rapid alignment with EU frameworks and clear institutional accountability.
Significant operational challenges, however, remain, and they are the focus of this COcyber white paper. Authored by Virgilijus Dirma and Milda Savickaitė from our partner INFOBALT, it provides a critical assessment of Lithuania's national cybersecurity ecosystem and the barriers that stand between compliance and genuine protection.
The paper finds that implementation of NIS2 obligations remains uneven: they are most acute for SMEs and organisations outside formally designated sectors, while trust barriers continue to impede cross-sector information sharing.
The national stakeholder research revealed that 79% of respondents identified a lack of trust between sectors as the single largest barrier to sharing cyber incident data. At the same time, Lithuania faces a persistent skills shortage and regulatory complexity around dual-use and AI-adjacent technologies, which risk slowing innovation without clearer guidance.
The authors argue that Lithuania's next phase of development requires a shift from regulatory conformity to operational culture, and its geopolitical proximity to Russia and Belarus makes these reforms strategically urgent. This means investing in workforce development aligned with the European Cybersecurity Skills Framework, establishing safe-harbour mechanisms for voluntary intelligence sharing, and creating pathways for civil-military technology exchange.
