Public Services > Central Government

EU security chief: Europe faces a "cyber security skills gap"

Matteo Natalucci Published 15 September 2017

EU needs to develop better cyber hygiene habits; and businesses and risk-based cyber security programmes to cope with current cyber security challenges


The EU’s Commissioner for Security Union, Julian King, has expressed concern over the status of cyber security in Europe.

Speaking at the EU cyber security Conference "Digital Single Market, Common Digital Security”, which highlighted current and forthcoming EU investment in the field of cyber security resilience, King said , “Europe faces a cyber security skills gap, a shortfall currently estimated to sum to 350,000 people by 2022”. 

King stressed the need to address this skills gap to promote effective cyber security resilience. He proposed to “mainstream” and “prioritise” cyber skills into education and training curricula.

He said, “Some 95% of successful attacks are enabled by some type of human error. People need to develop better cyber hygiene habits; and businesses and organisations also need to adopt appropriate risk-based cybersecurity programmes and update them regularly to reflect the evolving risk landscape.”

“Building [cyber security] resilience also means having people with the right skills, driving technological innovation to stay ahead of those looking to attack us. It’s a fact of life today that many European manufacturers depend on acquiring critical technologies from outside the EU”, he said.

King announced the commission’s plans to create a pan-European cybersecurity competence network to reinforce capabilities across Europe. And alongside that, a new European Cyber Security Research and Competence Centre that will focus on new solutions supporting and benefiting EU companies. He also announced new EU funding, through the Connecting Europe Facility, to ensure that Computer Security Incident Response Teams (CSIRTs) are properly resourced.

He stressed the importance of the Public-Private Partnership on Cybersecurity, which will mobilise €1.8b of investment until 2020, and will be instrumental in structuring and coordinating digital security industrial resources in Europe.

The EU will propose a new EU Cybersecurity Agency based on ENISA – the EU’s Network and Information Systems Agency – to help ensure a rapid and coordinated response to attacks across the whole EU.

The commission also aims to establish a set of EU cyber security standards and certification framework to ensure that security is built in: “security by design”, with devices developed to the highest standards and producers offering a ‘duty of care’ to make their products cyber-secure.

“The framework should promote new EU-wide certification schemes and procedures, a comprehensive set of rules, requirements and standards at European level to evaluate how secure digital products or services actually are. So buyers can know which products, services, connected devices are cyber-secure and to be trusted allowing them better to choose the right product,” King said.



We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.