Pascal Steichen is the founder and CEO of the Luxembourg House of Cybersecurity (LHC) as well as the chairman of the newly founded European Cybersecurity Competence Centre. He tells us more about funding frameworks for cybersecurity initiatives, a new incubator and his desire to grow the cybersecurity ecosystem.
How would you describe the general level of cybersecurity, both in terms of implementation across industries and general awareness of the topic, in Luxembourg?
Every year we do a market analysis where we look at the solutions and service providers active in the Luxembourg market. The last results showed us that there are close to 300 cybersecurity companies providing a very broad range of services and solutions. There are probably only two or so services that are not provided, so for a company the size of Luxembourg this is really good.
On the public side, Luxembourg has had a cybersecurity strategy since 2012. We also have a national committee for cybersecurity and all the right initiatives are in place to respond to and address cybersecurity challenges. However, especially with small companies, we see that the awareness is still quite low and that many companies are still dealing with preventable cyber incidents. So it’s not like we can sit back, there is still a lot of effort to be done and this is why the LHC is helping startups and SMEs in tackling cybersecurity issues and raising awareness about them.
Are there any industries in particular that you think are lagging behind?
I think it’s less of an industry-related thing than a question of the level of digitalisation or technological maturity of an industry. In Luxembourg, the finance sector is clearly the main driver of the cybersecurity market but digitalisation is everywhere and coming for all industries, especially anything related to manufacturing.
This opens these industries up to potential risks that weren’t there before. Before cybersecurity was very much focused on information technology, now it’s moving to operation technology. That’s why I believe that the biggest cybersecurity challenges will come in related industries.
What funding opportunities exist for companies to better shield themselves from cyber threats?
There are the classical European research, innovation and implementation funding frameworks for which cybersecurity has become a new topic for the last three years. Recently, the European Cybersecurity Competence Centre [of which Pascal is the chairman] was also created to manage the funding for these different programmes related to cybersecurity.
There is also a new programme in the works which will cooperate with national cybersecurity centres across Europe to better allocate funding resources. This initiative is not public yet but should be up and running before this summer.
“On the research side, we think that there is and will be a huge need for cybersecurity in the post-quantum computing era.”
Pascal Steichen, CEO of the Luxembourg House of Cybersecurity
What are the criteria to get access to such funding?
The funding will be mostly available to implement cybersecurity projects. We’re not talking about huge amounts, around 50-60k, but for SMEs and startups, this can make a great difference already.
To smaller companies, cybersecurity projects can be both inaccessible because of the cost but also because they require a lot of time and effort to implement. We want to support them by helping them understand the costs needed, guiding them in their cybersecurity needs and putting them in touch with the right service providers.
The LHC is considering setting up a Data Space initiative. What can you tell me about it?
This initiative is connected to Gaia-X and the idea is really to address the growing need for useful data about cybersecurity, not only threats and best practices but also what solutions are needed on the market. The Data Space will allow companies to share this data with one another and work together if needed. It will act as a sort of marketplace that will hopefully foster innovative projects for the most pressing cybersecurity problems faced by companies.
Startups would benefit from this initiative because it would allow them to test their products and gather important information on the cyber threats that companies face. We want to have more cybersecurity startups in Luxembourg and we believe that such an initiative could help with this goal. Of course, it will depend on the willingness of companies to take part in it.
What is the timeline for this project?
This is a three-year project that will start this year before summer. However, it will take probably until next year before the first results are public.
What other goals do you have to collaborate more with startups?
First of all, we want to help startups strengthen their cybersecurity. Specifically, we want to do it in a more personalised way because startups work in very innovative and diverse ways where a one-size-fits-all approach does not work.
We are also thinking of creating a sort of incubator at the LHC and will add cybersecurity as a topic to Fit 4 Start. In general, we want to bring the topic of cybersecurity closer to the startup community and have more startups active in the industry.
Lastly, on the research side, we think that there is and will be a huge need for cybersecurity in the post-quantum computing era. This will bring an entirely new set of problems and concepts for which a lot of work still needs to be done, and especially innovative ideas from startups are needed.
This article was first published in the Silicon Luxembourg magazine. Get your copy.
