On 22 January, the Dutch 'Centraal Plan Bureau' (CPB) has launched a Policy Brief about the bottlenecks in the cyber security market. The Policy Brief states that the European cyber security market is not yet functioning optimally. As a result of this, organisations can choose between expensive, controllable national cyber security solutions, or foreign products that are relatively inexpensive but difficult to control.
According to the CPB, the two main bottlenecks which prevent the European cyber security market from functioning optimally, are a lack of confidence in the supply of foreign cyber security companies and a lack of opportunities for European companies to create economies of scale. As a result, Dutch cyber security organisations sometimes struggle to sell their products abroad.
The policy brief states that in order to increase (international) trust, agreements are needed about the behaviour of countries in the ‘cyber domain’. To create economies of scale, more information is needed about the costs and benefits of cyber security. This could be achieved by encouraging companies to include a ‘cyber security paragraph’ in their annual reports, and by collecting more European statistics. Furthermore, the government plays an important role in adequate supervision of the cyber security in critical processes. Creating economies of scale is necessary to be able to compete with the big (mainly) American cyber security companies. This increases the confidence in, and the quality of the European supply of cyber security solutions.
The recommendations of the CPB Policy Brief could help to improve the functioning of the cyber security market, increase the general level of cyber security, and allows reaping economic benefits of digitisation.
More information (in Dutch)