Europe faces a critical juncture. Geopolitical tensions are rising, and cyber threats are growing more sophisticated. This reality has made cybersecurity a vital part of Europe’s defense strategy, along with the defense strategies of the entire world. The European Commission’s ReArm Europe/Readiness 2030 initiative, which proposes a €150 billion investment in defense (including a dedicated €3.5 billion cybersecurity fund as noted in President von der Leyen’s 3 March statement), demonstrates that there is unprecedented opportunity for unified action.
Now is the time for European cybersecurity companies to come together, strengthen the industry and protect our shared future. The reason is straightforward: Europe can no longer afford to view cybersecurity separately from traditional defense measures.
The strategic value of a European ecosystem
It’s 2025. Worldwide cybersecurity protects enterprise revenue commercially while securing stability and integrity nationally. Most of us also know state-sponsored attacks, ransomware hitting critical infrastructure and espionage targeting businesses demand a unified response.
The ReArm Europe/Readiness 2030 initiative provides a unique chance to direct substantial resources toward this challenge. Real success, however, relies on collaboration between public and private sectors driven by a renewed sense of purpose. European cybersecurity firms in particular are well-positioned to lead globally.
With increased investment in cybersecurity, and more specifically the cybersecurity firms that operate within, Europe can counter these continually growing threats. But effectively tackling them requires an independent, stronger, and autonomous European ecosystem.
Europe’s cybersecurity ecosystem offers unique strengths:
- Europe hosts leading technical universities and research centers
- GDPR has established Europe as the global standard-bearer for data protection, creating security solutions that meet the highest compliance thresholds globally
- European cybersecurity startups raised €2.8 billion in 2024, a 23% increase from the previous year, demonstrating momentum in the sector
These strengths allow leading security providers to create solutions that meet strict security and compliance standards, qualities that appeal to customers globally. A European base is not a constraint but a launchpad for worldwide impact.
Leading European cybersecurity firms operate globally and collaboration in Europe must support these ambitions rather than hinder them. A strong European core enhances our ability to deliver valuable solutions around the globe, cementing our position on the world stage.
“A consortium wouldn't just refine our capabilities, it would fundamentally transform Europe's security posture while allowing each firm to focus on what they do best: helping customers protect their most critical assets.”
From Airbus to "Cybus": A call for strategic collaboration
The success of Airbus in the 1980s offers an interesting parallel. European aerospace firms collaborated to build something greater and successfully challenged global leaders. Could European cybersecurity companies achieve the same?
A "Cybus" model would create specific collaboration frameworks in three key areas while preserving competition:
- Threat intelligence consortium: Participating firms would contribute anonymized threat data to a shared platform, creating a comprehensive European threat landscape that benefits all participants.
- Joint research initiatives: Companies would pool resources for fundamental research on emerging threats like quantum-resistant encryption and AI-powered attacks, sharing the costs and benefits.
- Standardized security protocols: Developing common security standards specifically designed for European regulatory requirements would reduce compliance costs and close vulnerabilities across the board.
Collaboration reduces R&D costs, sharpens our market position and unlocks funding from initiatives like ReArm Europe/Readiness 2030. Globally, in markets such as the U.S. and Asia, a united front could enhance our capacity to deliver standout products that solve real security problems.
We have already seen the benefits of collaboration. The Performance of European Partnerships under Horizon Europe has been widely successful and will see continued investment; European Union funding has reached €24.9 billion, and its partners have contributed an additional €40 billion, significantly increasing investment in the priorities of the EU.
With that said, competition remains essential. Organizations would still differentiate through service and client relationships but collaborate on shared challenges. A consortium wouldn't just refine our capabilities, it would fundamentally transform Europe's security posture while allowing each firm to focus on what they do best: helping customers protect their most critical assets.
Europe must rise to the occasion no matter what. As all entrepreneurs know: adapt or die. The global environment is increasingly complex: it is rapidly geopolitically and economically "deglobalizing" in some areas yet more connected than ever in others. Cyber threats exploit this dynamic, striking across borders and targeting weaknesses without distinction.
ReArm Europe/Readiness 2030 could be crucial for continent, but Europe’s cybersecurity business leaders must proactively shape the future, not wait for external prompts. The business sector must evolve to meet these challenges. Innovation and growth are strategic imperatives, not optional gestures.
Securing Europe’s future through action
To meet these challenges head-on, Europe’s cybersecurity leaders must turn reflection into results.
The "Cybus Initiative" represents more than business strategy, it's about ensuring Europe's digital sovereignty in an increasingly contested digital battlefield. I invite fellow industry leaders to join this critical mission.
It is worth considering whether fragmentation undermines our resilience. The proposed 28th regime, a legal framework to unify rules across the EU, could simplify compliance, strengthen innovation, and standardize regulatory practices. Still, achieving this requires navigating differences in national regulations and priorities.
We need to lead the charge through proactive industry direction including proposals, panels, or direct calls, starting today – global security depends on it. Proactive steps must be taken, rather than waiting for government directives. By aligning our voices now, we can ensure these resources strengthen both our industry and Europe's digital sovereignty.