Abstract
This article presents an overview and analysis of the key cybersecurity problems, challenges and requirements to be addressed in the future, which we derived through 63 interviews with European stakeholders from security-critical sectors including Open Banking, Supply Chain, Privacy-preserving Identity Management, Security Incident Reporting, Maritime Transport, Medical Data Exchange, and Smart Cities. We show that common problems, challenges and requirements across these sectors exist in relation to building trust, implementing privacy and identity management including secure and useable authentication, building resilient systems, standardisation and certification, achieving security and privacy by design, secure and privacy-compliant data and information sharing, and government regulations. Our results also indicate cybersecurity trends and allow to derive directions for future research and innovation activities that will be of high importance for Europe.
Highlights
Facing steadily increasing cybersecurity challenges, the European Commission has been committed to enhance its cybersecurity competence in member states and in its institutions
We present the results from our interviews for addressing the research objectives of (a) analysing the perspectives on key problems that stakeholders are facing for the sectors that they represent and challenges for cybersecurity, especially for the mid and long-term, and of (b) eliciting their cybersecurity requirements in terms of capabilities and technologies which will allow to lay the foundation for the Research and Innovation (R&I) roadmap
The context in this area is underpinned by the EU Payment Services Directive 2 (PSD2) [20] that is in force since the 13th of January 2018, enabling bank customers to use third-party providers to manage their finances, pay their bills, make peer-to-peer transfers, and analyse their spending, while still having their money safely placed in their current bank account
Summary
Facing steadily increasing cybersecurity challenges, the European Commission has been committed to enhance its cybersecurity competence in member states and in its institutions. The sectors open banking, supply chain, maritime transport, medical data exchange and smart cities were chosen as they represent important critical information infrastructure areas for finance, health, transport, and other essential private and governmental services They are heavily relying on IoT (Internet of Things) and modern communication technologies (including 5G), which pose serious security challenges. The sectors of privacy-preserving IDM and security incident reporting are relevant for implementing privacy by design and security response, and for enforcing the EU Legal Privacy and Cybersecurity framework including the EU General Data Protection Regulation (GDPR) [2] and the Directive on Security of Network and Information Systems (NIS Directive) [3] For these reasons, we have chosen these security-critical sectors as a basis for addressing our research objective of analysing stakeholders’ perspectives and requirements on cybersecurity in Europe. This analysis of stakeholders’ perspectives and requirements serves as an input for analysing the need for innovative and multidisciplinary research into cybersecurity for these sectors, and based on this, for developing a common European Cybersecurity Research and Innovation (R&I) Roadmap for security critical sectors by the CyberSec4Europe project
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
