Cybersecurity market analysis is a topic that plays an important role in regulation (Cybersecurity Act (CSA).


Cybersecurity market analysis helps understanding the level of uptake of cybersecurity related products, services and processes in the relevant market. Such information will be the driver for the deployment of a variety of measures to vitalise the internal cybersecurity market, to take proper market deployment measures, promote innovation and close market gaps.As it has been stipulated in Art. 8, as well as in Title III of the CSA, the consideration of developments in cybersecurity market constitutes a main focal point within CSA, in particular in the context of certification.

The ENISA work on the EU cybersecurity market aims to provide input to:

  • The Union Rolling Work Programme for European Cybersecurity Certification by means of “market demand” (Art. 47 CSA);
  • The promotion of “the use of European cybersecurity certification, with a view to avoiding the fragmentation of the internal market. ENISA shall contribute to the establishment and maintenance of a European cybersecurity certification framework in accordance with Title III of this Regulation, with a view to increasing the transparency of the cybersecurity of ICT products, ICT services and ICT processes, thereby strengthening trust in the digital internal market and its competitiveness” (Art. 4.6 CSA).

Analysing how well cybersecurity products, services and processes resonate in the market is a key indication for their market diffusion, importance, quality and acceptance. Though cybersecurity has been considered in the past within market analysis efforts, the customisation and scoping of cybersecurity market analyses is still at low levels of maturity.

Moreover, market data on cybersecurity products, services and processes are scarcely taken into account in cybersecurity development life-cycle, e.g. within decision-making processes for the launching and development of cybersecurity initiatives, product ideas, policy actions, research funding, and deployments.

By initiating this activity, ENISA delivers an important, yet novel contribution towards a more targeted, market-driven decision-making process for the conception, launching and maintenance of cybersecurity products, services and processes within the EU.

In its efforts to contribute towards analysing the cybersecurity market ENISA has initiated a series of activities in the area of cybersecurity market analysis:

  • Performance of regular, annual cybersecurity market analyses for various sectors that are of high priority in the agendas of various stakeholders within the EU (i.e. Member States, Commission, industry, research, etc.)
  • Development, use and dissemination of a Cybersecurity Market Analysis Framework, consisting of methods and tools supporting the activity of cybersecurity market analysis.
  • Organisation of events in the area of cybersecurity market analysis as European fora to bundle existing knowledge on market analysis, allow for bonding of stakeholders interested in cybersecurity market analysis and create a stakeholder community interested in this topic.
  • Setting up and running of the ENISA ad Hoc Working Group on Cybersecurity Market , that is an expert group advising ENISA in all subjects related to its work. It is composed of European experts in the area of market analysis selected following a public call.

The work on cybersecurity market analysis has been kicked-off during 2021. Since then, ENISA works on the gaining market analysis expertise regarding methods, tools and creation of expert networks. Through an iterative process, the obtained knowledge is subject to continuous validation, adaption and dissemination. In this process, the engagement of both external and ENISA–internal stakeholders is key to a better mobilization of resources and uptake of achieved results.

Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies