On June 8, Dominique had the pleasure of presenting the ECA 2026 Mapping of European cybersecurity vendors, and to discuss some of the key insights it provides, in front of a remarkable attendance organized by IRCE (Institute of Research and Communication on Europe). This was a dense 90 minutes and more meeting.
In a first part, Dominique exposed the paradox of European vendors: though they are technically mature, embrace of all new domain of cyber threat, and constitute a dynamic ecosystem covering nearly all countries in Europe, they mostly remain rather small and fragmented. Fragmentation is an issue for two reasons : vendors can hardly sustain the constant R&D effort which is necessary in cybersecurity, and being often niche players they also hardly match some expectations of customers, which would like to benefit from large scope, well integrated solutions.
That being said, European vendors can also seize opportunities created by innovation, moves in the market and emergence of new needs.
Take OT Security (industrial systems cybersecurity) for instance: this domain is becoming more and more important as plants are totally connected and resort to sensors corresponding with processing nodes, all of this being possible targets for hackers. In this domain, though US vendors are bigger than European ones, the gap is smaller than in other domains, “the race is open”. The ECA has recently gathered public researchers, vendors and CISOs to discuss the related issues, and one idea has surfaced: trying to organize a place where European big industrial companies could discuss their main needs and try to set up a sort of standard, which vendors would have to meet, and in such case would have access to a much broader demand.
This is a compelling action for the ECA.
Another good example is Post Quantum Cryptography. We all know that, rather soon now, all files encrypted on the basis of classical algorithms will be deciphered by powerful quantum computers. Even if such computers are not yet there, the technology progresses quickly, moreover CISOs face an issue named “harvest now, decrypt later”, where hackers could steal key files now and decipher them in two three years … in a lot of cases (defense, R&D, business development) the secret documents have to remain secret for a long period, and this is precisely what Harvest now Decrypt later would destroy. Hence the necessity to start the transition now, a perspective which the ECA will contribute to make happen.
Last but certainly not the least, the impact of AI on cybersecurity. No need to stress its importance by the way, the Trump administration has just emphasized it by its decision to stop access of “non American players” to the most advanced models! There again, the ECA has taken action to set up an European response, we soon will gather vendors, European AI platforms providers, and other stakeholders to share views propose a concrete way to organize an European coalition.
Not forgetting that AI systems themselves are a target for hackers, another point which needs attention and is also an opportunity for European innovative software designers to present solutions and develop European autonomy.
One question was raised at the end of the meeting: how can Europe and its institutions help move forward? The answer includes several dimension : public procurement policy should better do justice to European good solutions, the European financial system should be strengthened to allow European companies scaling without being sold to US interests (which means following Mario Draghi report’s suggestions for a totally unified European capital market), teaming up should be encouraged but with a particular focus on innovative companies showing breakthrough capabilities.
At the ECA, our first objective is to organize the business actors.
We know that, during this process, we will turn to the “politic level” to help speed it up and scale successes.
