EU Science Hub

Cybersecurity competence survey

In the September 2017 Joint Communication "Resilience, Deterrence, and Defence: Building strong cybersecurity for the EU", the European Commission announced the intention to support the creation of a network of cybersecurity competence centres, with a European Cybersecurity Competence Centre at its heart, to stimulate the development and deployment of technology in cybersecurity.

The first step of this ambitious initiative is the clear definition of the cybersecurity context, its domains of application, research, and knowledge.

To this end, the Joint Research Centre (JRC), in collaboration with DG CONNECT, proposed a cybersecurity taxonomy and classification scheme, aligning existing cybersecurity terminologies, definitions, and domains.

The taxonomy considers the different dimensions of the cybersecurity domain using as sources some of the most widely accepted

  • cybersecurity standards,
  • international working group classification systems,
  • regulations,
  • best practices, and
  • recommendations.

The taxonomy provides a high-level set of definitions and categorisation domains that

  • Can be used by the EC cybersecurity initiatives;
  • Become a point of reference for the cybersecurity activities (research, industrial, marketing, operational, training, education) in the DSM by all sectors/industries (health, telecom, finance, transport, space, defence, banking etc.);
  • Can be used to index the cybersecurity research entities (e.g. research organisations/laboratories/ associations/academic institutions/groups, operational centres/academies) in Europe;
  • Meet compliance with international cybersecurity standards;
  • Can be sustainable, easily modifiable and extensible.

The second step of this initiative is the identification and mapping of existing cybersecurity centres (e.g. research organisations/laboratories/associations/academic groups /institutions, operational centres), according to their cybersecurity expertise in specific domains, using the proposed taxonomy. 

This mapping exercise was performed through two parallel activities:

  • A desktop research, taking as input online data from scientific publication databases, patent registries, H2020 projects;
  • An online survey, addressed to the European cyber-security research community, aiming to identify the cybersecurity competence centres.

The survey was initially open for participation from middle January 2018 until middle March 2018, with an extension of few weeks due to the high number of requests to participation. As a result, around 700 centres participated in the survey. This web-page summarizes the results of the survey.

Cybersecurity Competence Survey

The following map highlights the countries that participated in the survey, showing for each country the total number of participants and their contact information, after clicking on the respective country. This contact information is the exact information provided by each participant when answering the survey.


Distribution of participants according to their expertise in the cybersecurity domains.

Distribution of survey participants according to the sectors they work on. 

Overall distribution of target applications and technologies for all survey participants.

cybersecurity technical reports

Detailed information about the survey results including detailed statistics for the centers and their classification using the cybersecurity taxonomy is published in the following JRC technical reports:

The survey report takes into account the survey data up to the initial deadline (665 participants). A new version of this report including other centers that participated after this deadline is planned for 2019.

Participating countries

The following lists shows the geographical distribution of number of survey participants per country, with the contact information of all centers for each country: