Exclusive: Regional responses to COVID-19 cyber challenges

The COVID-19 pandemic has increased digitalisation at a rapid rate, massively increasing exposure to cyber threats as distributed teams connect to their work through less secure personal devices. European regions have had to respond in real time, drawing on the full experiences and competencies of their ecosystems to rapidly and effectively meet these challenges. At a time when the cybersecurity market is still fragmented in Europe, the regional response becomes critical to ensure that every part of the European Union receives the protection it so desperately needs.

Due to their flexibility and physical proximity to their ecosystem, regions such as Tuscany, Brittany, Wallonia, Wales, or national clusters from the likes of Slovenia and Slovakia, have the biggest potential to connect cybersecurity technology with end users, assist local small and medium enterprises (SMEs) and provide them with business support and access to innovative technologies. In this article, we examine some of the concrete initiatives these regional clusters have taken to support their ecosystems.

Support to regional SMEs – Cybersecurity Digital Innovation Hub in Castilla y León

The outbreak of the COVID-19 crisis in Spain has seen the birth of a new cybersecurity solidarity initiative.The regional support service provided by the Cybersecurity Digital Innovation Hub in Castilla y León addresses the needs derived from the COVID-19 state of emergency. The service supports regional SMEs, micro-SMEs and self-employed workers that are implementing telematic services, teleworking and cybersecurity solutions as a response to the health crisis.

This solidarity initiative arose from the ICT business sector itself, including national cybersecurity cluster AEI CIBERSEGURIDAD, and ICT regional association AETICAL and the Institute for Business Competitivenes of Castilla y León (ICE), which is the public entity devoted to promoting business competitiveness in the region. The initiative has been launched in the framework of the Cybersecurity Digital Innovation Hub and in collaboration with different regional ICT and technology agents. The two key services have been provided through the initiative.

The first key service focuses on guidance and support. The subject and the specific needs are collected through an online contact form. The requests are distributed to specialised service providers in three different areas – teleworking, cybersecurity, as well as aid and funding. The second key service provides information and resources sharing, by developing a repository of knowledge on teleworking, cybersecurity, grants and funding, focused on small and medium-sized companies. Each section has practical information on the latest news on attacks and threats, training, resources, tools, applications, guides, funding, projects, legal and public administration issues, as well as regional data on providers and services offered in teleworking and cybersecurity.

The services platform is part of the Cybersecurity Innovation Hub portal. It is one of the most important digital innovation hubs in Castilla y León, focused on helping companies to develop more competitive business and production processes, products or services using digital technologies.

This initiative not only addresses the COVID-19 related challenges to regional SMEs but also established a path for future collaborative work that will facilitate the co-development projects, the expansion of R&D capacities,  the development of more innovative programmes and, ultimately, the improvement of secure digital transformation across the region.

The key role of SMEs in regional cooperation with international organisations

SMEs may be small, but they can certainly pack a punch.

Estonia recently signed an international partnership with the World Health Organisation to build a trusted COVID-19 Vaccination Certification Infrastructure. Estonia is a country and part of region which has a culture of cybersecurity excellence due to repeated attempts of Russian digital interference over previous decades. This region’s cooperation with the WHO has thus provided an opening for Guardtime, an Estonian SME, to leverage its strong track record of building certification solutions for governments and spearhead the project.

“Digital trust regarding vaccination infrastructure comes in multiple forms, in the vaccine manufacturing and distribution and in the identification of the individuals vaccinated. The data that is being stored in these processes have to provide high accessibility, integrity and confidentiality, after all we are talking about human lives,” said Csaba Virag, the Head of Capacity Building at Guardtime.

Guardtime’s KSI blockchain technology will now be scaled to provide digital trust in COVID-19 vaccines for potentially billions of people around the world. This initiative is a great example of how local European competencies and innovations can be leveraged through the regional approach to extend far beyond the region in question and help ensure secure digital solutions for wider publics. Mr Virag emphasised that vaccines have to be distributed and records shall be kept of who has been vaccinated with which type of vaccine in a trusted and secure way. According to him, Guardtime’s solution helps to balance individual rights of privacy and non-discrimination with the common good of all community members and maintain the right to operate freely in everyday practices.

“We hope that our example serves as a motivation for others, that high quality products and services paired with commitment and persistence is rewarding. We are actively engaged with other SMEs locally, EU and worldwide through our active participation and engagements in various SME and industry focused organisations,” concluded Mr Virag.

Bringing in Interreg CYBER Europe

The two initiatives highlighted are part of a rich regional story. Both projects were conceived by Interreg CYBER Europe partners: the Castilla y Leon region in Spain and RIA – the Estonian Information System Authority.

Interreg CYBER Europe is a European Union (EU) funded project, which aims to leverage key regional cybersecurity know-how and competencies in the EU and facilitate a process of best practice sharing and knowledge transfer. The ultimate goal is to ensure that these regional entities can give the best possible support to their local cybersecurity companies and contribute to the protection of the Union and the Digital Single Market in particular.