The Working Groups are the main centres of activities of ECSO. They participate in the preparing of the Strategic Research and Innovation Agenda and of other ECSO documents. They may focus on the problems of a specific industry or on solving interdisciplinary problems. Each ECSO member is expected to participate actively in the activities of at least one working group to which the member will nominate own experts. The National Security Authority works in WG1, WG5 and WG6.
Working Groups have been established in the following areas:
WG1 – Standardization, Certification, Labelling, Supply Chain Management
The main task of WG1 is to participate in the creation of a harmonized common European certification framework that is to be based on the existing standards and components. Also, the security of products, ICT services, service suppliers, organizations, and critical information infrastructure components should be evaluated.
The group prepares the documents (1) State-of-the-Art Syllabus (SOTA) – an overall view of the existing cyber security standards and certification schemes and (2) Challenges of the Industry (COTI) – identification of challenges and filling of gaps in the industry sector. The documents will be used to prepare a meta-framework of certification as a recommendation of ECSO for the EC priority – development and introduction of an European certification IT security framework. Another goal of the activities is to open discussions with the European Committee for Standardization (CEN), the European Committee for Electrotechnical Standardization (CENELEC), and the European Telecommunication Standards Institute (ETSI).
WG2 – Market Development, Financing, Export, cPPP Monitoring
WG2 focuses on models of innovative trade and on financial programs; the goal is to support the growth of the European market, development of the industry, support of investments, international dialogue and cooperation, support of competitiveness of EU products, and promotion of cPPP goals.
A discussion about the potential priorities of international cooperation has been initiated in WG2. In cooperation with the EC the group participates in improving the monitoring of key performance indicators and fulfilment of cPPP criteria. WG2 should review whether Europe should focus, in the cyber security industry, on development of services (a very important viewpoint for Europe) or more on products (requirement of higher investments).
WG3 – Sectoral Demand
WG3 solves the requirements of the sector (such as Industry 4.0, transportation, finance/banking, public administration, e-government, health care, smart cities sectors). The activities of subgroups focus on the search for more detailed definitions of needs, users, challenges, and impacts. In order to define technological priorities more precisely, WG3 closely collaborates with the relevant directorates (DG) of the EC.
The task of the group is to satisfy the demand requirements and to cooperate with other ECSO working groups in relation to:
- Analysis of deficiencies of standards and defining new necessary standards (WG1),
- Defining market impacts (WG2),
- Identifying relevant activities and financing instruments outside DG CNECT (WG4 – with reference to regional/structural funds),
- Defining the need of education and awareness (WG5),
- Activities of further research test performance (WG6)
WG4 – Support of SMEs and Countries of Eastern Europe
The main task of WG4 is to develop the export of products of small and medium-sized enterprises and to support dialogue and cooperation at a regional level. The above implies topics for discussion such as the financing mechanism in the area of cyber security, the task of territorial cooperation, and other forms of support of small and medium entrepreneurs (e.g. using EU regional funds).
The first step to this goal is the mapping of regions, associations, and entrepreneurial associations focusing on cyber security. Later activities will focus on provision of information about available exercises in regions and on support of connecting highly skilled students and small and medium entrepreneurs.
WG5 – Education, Training, Awareness, Exercises
WG5 has formed 3 subgroups: (1) Cybernetic environment and technical exercises, (2) Education and professional training, (3) Awareness. The task of each subgroup is to prepare a draft working plan in the area of education and to submit it for discussion in the entire WG5. The task of the group is to map the field of education in the cyber security area in individual countries and to review the sources of potential financing of educational projects from funds other than Horizon 2020 (e.g. from regional funds).
The activities of the group focus on increasing education, skills, and awareness of users and experts about secure use of IT tools and on increasing the basic awareness of cyber hygiene. An initiative for creating a human resources network focused on work environment was formed within the group. Its goal is to create educated workforce for the industry through flexibility of employment, mutual communication between employers, and more specific education requirements from the employers.
WG6 – Strategic Research and Innovation Agenda (SRIA), Technical Area, Services Area, Products
SRIA defines the priorities for the research and innovation of the European cyber security industry. Within the group, first informal proposals of priority topics identified by the ECSO in the area of research and development are formed. These are then addressed to the EC to incorporate them in the EC Work Programme so that they can be modified to calls for project proposals.