Cybersecurity Roadmap for Europe by CONCORDIA

Cybersecurity Roadmap for Europe by CONCORDIA

All future global market-dominant products and services will likely be located in the digital world, in cyberspace, or at least interact strongly with it. Cybersecurity is the pillar of the digital society and the guarantee of trust and cooperation. Therefore, cybersecurity and its roadmap cannot be analysed only from a technological perspective. When discussing the cybersecurity roadmap, it is necessary to take a holistic approach having in mind the global aim of European digital sovereignty.

In an increasingly globalised world, Europe presents itself as a champion of European ethical values but cannot guarantee the digital sovereignty of its citizens or its businesses. Even current challenges in climate protection and health, especially concerning the COVID-19 pandemic, can only be solved, or supported by using trustworthy IT to prevent Europe from ending as a digital colony. Building the European digital ecosystems with various stakeholders, identifying synergies, strengthening trust and cooperation, investing in digital competencies, and the European IT industry are pillars to build a strong digital sovereign Europe. CONCORDIA’s roadmap addresses these various aspects.

Digital sovereignty is a multi-layered and complex concept. There are several related terms such as ‘technological sovereignty, ‘strategic autonomy’, ‘self-sovereignty, ‘data-sovereignty’, and ‘digital autonomy’. Addressing European digital sovereignty only from a technological viewpoint and addressing just technological sovereignty is too narrow. For once, as technological sovereignty cannot be achieved or sustained by state of the art or cutting-edge technology itself, it will be dependent and interdependent on other aspects. The European Parliament identified the emerging request for digital sovereignty referring to ‘Europe’s ability to act independently in the digital world [1] and should be understood in terms of both protective mechanisms and offensive tools to foster digital innovation (including in cooperation with non-EU companies).’ [2]

For an appropriate understanding of European digital sovereignty, a holistic approach needs to be taken that embraces various different aspects. CONCORDIA follows this and takes a holistic view in developing the roadmaps to reach European digital sovereignty. Thus, we have several ‘sub-’roadmaps or ‘mini’-roadmaps that address specific dimensions and other aspects dependent on each other in the roadmap.

CONCORDIA has identified seven dimensions to address a holistic view of European digital sovereignty:

  • Research and Innovation,
  • Education and Skills,
  • Legal and Policy,
  • Economics,
  • Investments,
  • Certification and Standardization,
  • Community Building.

Research and Innovation address the aspect of technological sovereignty. Education and Skills refer to the necessity to build IT and cybersecurity competencies. Legal and Policy focus on regulation and legal aspects and strategies. Developing new digital value models, business models, and attracting investments are discussed in Economics and Investments. Certification and Standardization play an important role in the European cybersecurity certification framework for ICT products, services, and processes and are addressed in this dimension. The Community Building dimension addresses the need to overcome the fragmentation in Europe and interconnect various stakeholders. Building digital ecosystems, interconnecting different stakeholders, and with this establishing trust and cooperation is the European way to build European digital sovereignty and not be sandwiched between the US and China.

The identified seven dimensions are not independent of each other. Each is intertwined with the other. For example, Research and Innovation addressing technological sovereignty can only be successful if competences (the Education and Skills dimension) are addressed as well.

The recommendations of the roadmaps are put on the time scale from short-term (next two, three years), mid-term (around 2025), and long-term (around 2030). The general aim of the roadmap is to both identify and jointly work to addressing, mitigating (and even resolving) the challenges regarding European digital sovereignty, overcoming fragmentation while identifying and joining European brainpower and forces to build, boost and amplify the gains of (the road towards) building, achieving, and sustaining European digital sovereignty.

This current release of the Roadmap can be deemed to be a rolling release, with its current state of play as per December 2021. If you would like to learn more about CONCORDIA roadmap, check this dedicated website:


  1. European Commission. Rethinking Strategic Autonomy in the Digital Age., July 2019, accessed Dec. 18, 2020.
  2. European Parliament Research Service. Digital Sovereignty for Europe., July 2020, accessed Dec. 18, 2020.