Country strategies released per year
All information presented in this page is based on publicly available material or the Member States have contacted us and provided the information.
2015
2018
2019
2020
2021
2022
2023
2024
2025
2015 - National Cybersecurity Strategies
Croatia
15 objectives
2018 - National Cybersecurity Strategies
Lithuania
20 objectives
2019 - National Cybersecurity Strategies
Ireland
15 objectives
Poland
19 objectives
Portugal
19 objectives
Spain
19 objectives
Norway
19 objectives
2020 - National Cybersecurity Strategies
Greece
20 objectives
Cyprus
19 objectives
2021 - National Cybersecurity Strategies
Austria
18 objectives
Belgium
20 objectives
Bulgaria
17 objectives
Luxembourg
20 objectives
Czech Republic
19 objectives
Germany
20 objectives
Slovakia
18 objectives
2022 - National Cybersecurity Strategies
Iceland
20 objectives
Romania
18 objectives
Denmark
18 objectives
Italy
19 objectives
Netherlands
20 objectives
2023 - National Cybersecurity Strategies
Malta
20 objectives
Switzerland
17 objectives
Latvia
18 objectives
2024 - National Cybersecurity Strategies
Finland
18 objectives
Slovenia
18 objectives
Estonia
20 objectives
2025 - National Cybersecurity Strategies
Hungary
19 objectives
Sweden
20 objectives
France
18 objectives
Liechtenstein
17 objectives
Austria
2021
In Progress
The Austrian Strategy for Cybersecurity 2021 (ÖSCS 2021) is a comprehensive framework designed to ensure a secure cyberspace for Austria and the EU, emphasizing resilience against cyber threats. It aligns with EU directives, promotes cooperation among various stakeholders, and aims to bolster Austria's national and international cybersecurity efforts through structured measures, implementation, and continuous monitoring.
2013–2021
Replaced
The Austrian Cybersecurity Strategy 2013 was Austria’s first national framework to address cybersecurity. It laid the foundation for a coordinated national approach, emphasizing public-private cooperation, protection of critical infrastructure, and alignment with EU-level initiatives. The 2013 strategy remained in effect until it was replaced by the updated 2021 version (ÖSCS 2021).
Belgium
2021–2025
Concluding
The Belgian National Cybersecurity Strategy 2.0 (2021–2025) has aimed to "make Belgium one of the least cybervulnerable countries in Europe", strengthen Belgium's digital resilience by securing critical infrastructure, empowering users through awareness and training, and enhancing incident response capabilities via CERT.be and public-private partnerships. Led by the Centre for Cybersecurity Belgium (CCB), the strategy aligns with the EU NIS2 Directive and fosters collaboration among public, private, and academic sectors while actively engaging in international cybersecurity efforts. As the strategy period concludes, Belgium is evaluating its progress and preparing for future cybersecurity initiatives to maintain its position as a digitally secure and trusted nation.
2011–2021
Replaced
The first Belgian NCSS provided a foundational framework to improve national cybersecurity posture. It focused on raising awareness, establishing basic cybersecurity governance structures, and promoting public-private collaboration. Though relatively high-level, it laid the groundwork for institutional roles and cross-sector coordination, and was eventually replaced by Strategy 2.0 in 2021.
Bulgaria
2021–2023
In Progress
The Updated National Cybersecurity Strategy "Cyber Resilient Bulgaria 2023" outlines Bulgaria’s approach to enhancing national cyber resilience. It focuses on securing critical infrastructure, improving cybersecurity capabilities, fostering public-private partnerships, and ensuring compliance with EU cybersecurity regulations. The strategy also emphasizes international cooperation and strengthening governance mechanisms for cybersecurity.
2016–2020
Replaced
Bulgaria’s first national cybersecurity strategy, "Cyber Resilient Bulgaria 2020," focused on building a national cybersecurity system, protecting critical digital infrastructure, enhancing legal frameworks, and fostering cybersecurity awareness. It aligned with EU directives and served as the basis for the updated 2021 strategy.
Croatia
2015–2020
Completed
Focused on protecting critical infrastructure, promoting public-private cooperation, and fostering cybersecurity awareness.
Cyprus
2020–2025
In Progress
The strategy outlines a comprehensive framework for cybersecurity governance, critical infrastructure protection, public-private partnerships, and EU alignment.
2012–2020
Replaced
Cyprus’ first cybersecurity strategy addressed national coordination for information and communication systems security. It emphasized legal development, public-private cooperation, identification of critical infrastructure, awareness-building, and alignment with EU frameworks. It laid the foundation for institutional and policy advances realized in the 2020 strategy.
Czech Republic
2021–2025
In Progress
A comprehensive framework to enhance national cybersecurity resilience, align with EU/NATO standards, and protect critical infrastructure.
2015–2020
Completed
Focused on transitioning from basic cybersecurity capacity-building to more advanced capabilities. Emphasized international cooperation (EU, NATO), cybercrime prevention, critical infrastructure protection, and public-private collaboration.
2012-2015
Completed
Laying the foundations of the Czech Republic’s cybersecurity system: establishing the legal and administrative framework, and building basic cybersecurity capacities.
Denmark
2022–2024
In Progress
Denmark’s strategy focuses on enhancing cybersecurity resilience, protecting critical infrastructure, fostering public-private collaboration, and aligning with international standards.
2018–2021
Completed
A comprehensive upgrade introducing 25 initiatives and 6 sectoral strategies to increase digital resilience, strengthen public-private coordination, and invest DKK 1.5 billion in cybersecurity efforts.
2015–2016
Completed
The first national strategy focused on establishing foundational cybersecurity measures, including ISO 27001 implementation, improved government oversight, public awareness, and early threat assessment capabilities.
Estonia
2024–2030
Ongoing
Estonia's strategy focuses on safeguarding digital infrastructure, fostering cybersecurity awareness, promoting R&D, and aligning with EU and global standards.
2019–2023
Completed
Focused on safeguarding critical infrastructure, promoting cybersecurity awareness, and fostering innovation in cybersecurity.
2014–2017
Completed
Focused on improving the national cybersecurity framework, enhancing public-private collaboration, and securing Estonia's critical infrastructure.
2008–2013
Completed
Estonia's first comprehensive cybersecurity strategy, focusing on reducing vulnerabilities, developing a legal framework for cybersecurity, and strengthening international cooperation.
Finland
2024–2035
In Progress
The 2024 strategy focuses on responding to evolving geopolitical and technological environments, incorporating NIS2 requirements, and enhancing national cybersecurity capabilities, emphasizing international cooperation and cyber defense.
2019–2023
Completed
Updates the 2013 strategy, focusing on improving cybersecurity governance, international cooperation, and strengthening national cybersecurity capabilities across the public and private sectors.
2013–2018
Completed
Focused on securing Finland's information society against emerging cyber threats, with an emphasis on public-private cooperation, crisis management, and enhancing national cybersecurity resilience.
France
2025–2027
Ongoing
The latest strategy focuses on critical infrastructure protection, digital trust, privacy, cybersecurity resilience, and European digital autonomy. It promotes collaboration among government, private sector, and international partners to strengthen resilience and maintain leadership in global cybersecurity efforts.
2015–2020
Completed
France's NCSS outlined five strategic objectives focusing on infrastructure protection, digital trust, and awareness.
Germany
2021–2025
Under Evaluation
The strategy outlines measures to enhance cyber resilience, protect critical infrastructure, foster public-private collaboration, and align with EU and global cybersecurity standards.
2016–2021
Completed
Updated approach with four action areas focused on autonomy in digital space, whole-of-government architecture, and Germany’s international role. Introduced stronger emphasis on digital sovereignty.
2011–2016
Completed
Germany’s first strategy laid foundational structures like the National Cyber Response Centre and promoted public-private collaboration and critical infrastructure protection.
Greece
2020–2025
In Progress
Greece’s strategy focuses on protecting critical infrastructure, enhancing public-private collaboration, and aligning with EU standards.
2018–2023
Completed
An earlier version detailing Greece’s foundational cybersecurity principles and objectives for a secure digital environment. (Available in English and Greek)
Hungary
2025-2030
Ongoing
The National Cyber Security Strategy (NCSS), aims are to strengthen and maintain digital prosperity and national cybersecurity resilience by addressing the challenge of a changing world through achieving cybersecurity resilience to threats and challenges, continuously improving people's cybersecurity awareness, effective digitalisation and related security cooperation among public authorities and other economic actors, and enhancing public-society cooperation for defence and security purposes. Hungary emphasizes international cooperation with allies such as NATO, the EU, and the UN, and stresses the importance of coordinated efforts among the government, academia, business, and civil society.
2013-2020
Completed
The National Cyber Security Strategy (NCSS) of Hungary aims to ensure a secure, free, and innovative cyberspace while protecting national sovereignty and critical infrastructure. It outlines Hungary’s strategic objectives, tasks, and government tools to address cybersecurity risks and emphasizes international cooperation with allies like NATO, the EU, and the UN.
Iceland
2022–2037
In Progress
The strategy focuses on enhancing cybersecurity competence, fostering international cooperation, and leveraging advanced technologies to address evolving cyber threats. It emphasizes the protection of critical infrastructure, national security, and vulnerable groups, including children. The strategy is designed to be reviewed at intervals of no more than three years to assess progress and adapt to evolving cyber threats.
2015–2026
In Progress
Focuses on securing Iceland's information infrastructure, building capacity, and enhancing resilience. The strategy aims to strengthen national cyber legislation, address cybercrime, and improve response mechanisms, while promoting collaboration among government agencies, businesses, and international partners.
Ireland
2019–2024
In Progress
Ireland's NCSS focuses on protecting critical national infrastructure, developing cybersecurity skills, fostering public-private partnerships, and enhancing international engagement. It emphasizes a proactive approach to addressing evolving cyber threats and strengthening the National Cyber Security Centre (NCSC) capabilities.
2015–2017
Completed
Focuses on securing Ireland's digital infrastructure, creating the National Cyber Security Centre (NCSC), and protecting critical national infrastructure. It includes measures for tackling cybercrime, government collaboration, and public-private partnerships.
Italy
2022–2026
In Progress
The strategy focuses on protecting critical infrastructure, promoting innovation, and strengthening digital sovereignty while fostering collaboration between public and private sectors.
2013–2020
Completed
This framework focuses on enhancing national cyber defense capabilities and improving public-private cooperation, with specific guidelines on securing critical national infrastructures.
Latvia
2023-2026
In Progress
The strategy focuses on enhancing Latvia's cybersecurity governance, strengthening resilience against cyber threats, and fostering public and private sector collaboration. It covers critical infrastructure protection, workforce development, and international cooperation to ensure a secure and trustworthy cyberspace in Latvia.
2019-2022
Completed
Updated to strengthen Latvia's cybersecurity resilience, improve ICT system capacity, and focus on cybersecurity awareness. It continued the work of the 2014-2018 strategy and emphasized digital security risks.
2014-2018
Completed
This strategy focused on the initial development of Latvia's cybersecurity, with an emphasis on critical infrastructure protection, international cooperation, and legal frameworks to manage cyber threats.
Liechtenstein
2025–2030 (review in 5 years)
Active
Liechtenstein’s Cyber Risk Strategy 2025 defines a modernized national vision for cybersecurity, building on the 2020 strategy. Coordinated by the National Cyber Security Unit, it focuses on stakeholder responsibility, cross-border collaboration, and resilience of essential services and the financial sector. Five strategic fields include: risk recognition, awareness and networking, protection of critical and essential infrastructure, financial sector security, and crisis management. The strategy aligns with EEA regulations and incorporates measurable implementation via an action plan.
2020–2023
Replaced
Liechtenstein’s first national strategy on cyber risk aimed to build foundational cybersecurity capabilities. It emphasized public awareness, interagency cooperation, and establishing the National Cyber Security Unit. Nine action fields guided efforts, from setting up coordination structures to supporting critical infrastructure and enabling cross-border cooperation. The strategy stressed responsibility, education, and leveraging existing resources. It was valid for three years and laid the groundwork for the 2025 strategy.
Lithuania
2019–2023
Completed
The strategy emphasizes strengthening cybersecurity and cyber defense capabilities, promoting a cybersecurity culture and innovation, enhancing public-private partnerships, and fostering international cooperation.
2011–2019
Completed
This programme focuses on enhancing the security of electronic information in Lithuania, aiming to ensure cybersecurity by safeguarding critical infrastructures, protecting personal data, and improving the national response to cyber threats.
Luxembourg
2021–2025
In Progress
The strategy focuses on building trust in the digital world, enhancing the resilience of critical infrastructures, and developing a secure digital economy. It includes measures for education, public-private collaboration, and international cooperation, aiming to position Luxembourg as a leader in global cybersecurity efforts.
2018–2020
Completed
Focused on building public trust, securing critical infrastructure, and fostering cybersecurity innovation and economic development.
2015–2017
Completed
The strategy focused on national cooperation, legal updates, and raising awareness for cybersecurity in Luxembourg.
Malta
2023-2026
In Progress
Malta's NCSS aims to strengthen its digital resilience and ensure the security of its digital infrastructure. The strategy focuses on governance, cyber defense, competence, international cooperation, and risk management. It outlines a shared responsibility approach to combat growing cybersecurity threats and enhance national and international cooperation.
2016–2020
Completed
This strategy focused on the establishment of a governance framework, combating cybercrime, strengthening national cyber defense, securing cyberspace, and promoting cybersecurity awareness and education.
Netherlands
2022-2028
In Progress
The Netherlands Cybersecurity Strategy (NCSS) for 2022-2028 aims to enhance the country's cybersecurity resilience through collaboration across public, private, and civil society sectors. The strategy focuses on improving the security of digital products and services, addressing cyber threats from state actors and criminals, and developing the cybersecurity workforce.
2018–2022
Completed
Focused on improving national cybersecurity defenses and strengthening international collaboration in combating cybercrime.
2014–2018
Completed
The strategy aimed to address national vulnerabilities, enhance resilience, and improve cooperation with international cybersecurity efforts.
2011–2015
Completed
The strategy focused on creating a secure and resilient digital domain, emphasizing collaboration between public and private sectors to address growing cybersecurity risks.
Norway
2019 onwards
In Progress
This strategy outlines Norway's approach to enhancing cybersecurity governance, protecting critical infrastructure, and promoting international cooperation, with a focus on strengthening public-private partnerships and improving incident response capabilities.
Poland
2019–2024
In Progress
The strategy aims to enhance Poland's cybersecurity by strengthening systems, boosting national resilience to cyber threats, and fostering public-private partnerships. It includes clear goals for developing a national cybersecurity system, improving public awareness, and supporting international collaboration.
2017–2022
Completed
Updates the 2013 version and refines the framework for addressing emerging cyber threats, strengthening resilience, and enhancing cooperation.
2013–2017
Completed
Establishes the first comprehensive approach for securing Poland’s cyberspace, focusing on government and critical infrastructure protection.
Portugal
2019-2023
In Progress
Portugal's NCSS aims to enhance the country's cybersecurity resilience by protecting critical infrastructure and improving the security of digital services. The strategy focuses on governance, public-private partnerships, innovation, and the development of a cybersecurity workforce, while aligning with EU regulations and international standards.
2015-2020
Completed
The first National Cyberspace Security Strategy, aiming to secure network and information systems, promote secure use of cyberspace, and address vulnerabilities and threats.
Romania
2022–2027
In Progress
Romania's National Cybersecurity Strategy focuses on ensuring secure and resilient IT systems, strengthening institutional frameworks, promoting public-private partnerships, and enhancing international cooperation. It aligns with EU and NATO commitments.
2013
Completed
Romania's foundational cybersecurity strategy, focusing on securing the country's critical infrastructure, promoting a resilient digital environment, and enhancing cooperation both nationally and internationally.
Slovakia
2021-2025
In Progress
Slovakia's NCSS aims to enhance the country's cybersecurity governance, resilience, and protection of critical infrastructure, services, and citizens. The strategy focuses on adapting to evolving threats, fostering international cooperation, and building a skilled workforce. The implementation plan includes specific tasks, responsible entities, and measurable indicators to track progress.
2015-2020
Completed
The NCSS for 2015-2020 provided a framework to develop the cybersecurity governance system in Slovakia. It emphasized institutional and legislative measures, along with international cooperation. The strategy focused on building cybersecurity resilience and enhancing critical infrastructure protection.
2009-2014
Completed
The 2009 NCSS was Slovakia's first national strategy for cybersecurity. It established the foundational principles and governance mechanisms for the protection of national infrastructure and sensitive systems, setting the stage for later strategies. It focused on legal and technical frameworks to ensure information security.
Slovenia
2024-2029
completed
International engagement strategy of GISO outlines five goals to be pursued thorugh four different fora (bilateraly, EU, NATO, other international fora):
1. Strengthening national security: sharing and using information and experience to increase the resilience of all actors in the Republic of Slovenia to cyber threats.
2. Support capacity development: Improve the capacity to anticipate, identify and detect potential cyber-attacks and to respond to and recover from cyber incidents. We also want to create the conditions to conduct isolation, containment, neutralisation, degradation, disruption and destruction operations in the field of cyber security.
3. Working within the EU and NATO: Transpose into national legislation as quickly as possible and implement effectively all EU and NATO documents in the field of cybersecurity. Participation in cyber operations and exercises.
4. Strengthening international cooperation: We aim to build relationships and systems for mutual information and information exchange with like-minded countries and to foster economic cooperation in the field of cyber security.
5. Active participation in international fora: We will actively participate in global fora and organisations such as the United Nations, the Organisation for Security and Cooperation in Europe, the International Telecommunication Union, Counter Ransomware Initiative, and other, where we will work and advocate the values and principles of democracy and human rights together with our partners in the global West.
2023-2030
completed
Priority no. 6 is cybersecurity
2016–2020
Completed
Slovenia's NCSS focuses on creating a comprehensive cybersecurity assurance system, improving resilience to cyber threats, and enhancing national and international cooperation. It outlines key areas for development, such as critical infrastructure protection, cybersecurity awareness, and the establishment of a national coordination system. The strategy aims to ensure a secure cyberspace for both public and private sectors.
Spain
2019–
In Progress
Focuses on protecting critical infrastructure, enhancing resilience, fostering public-private partnerships, and ensuring alignment with EU directives.
2013–2018
Completed
Focused on safeguarding Spain's cyberspace with a comprehensive model of public-private coordination, emphasizing national leadership, and global cooperation to secure ICT systems and critical infrastructures.
Sweden
2025–2029
In Progress
Presents the Swedish government’s vision for the future of cybersecurity, focusing on resilience, innovation, and international collaboration.
2017–2027
Completed
The strategy focuses on enhancing Sweden's resilience against cyber threats, fostering public-private cooperation, improving cybersecurity education, and aligning with EU directives.
Switzerland
2023–2027
In Progress
Switzerland’s National Cyberstrategy (NCS) 2023 focuses on leveraging digitalisation while addressing rising cyber threats. Key priorities include cybersecurity education, digital infrastructure protection, enhanced incident and crisis response, combatting cybercrime, and stronger international collaboration. The strategy is jointly steered by federal, cantonal, and private-sector actors and includes detailed implementation measures across five strategic goals.
2018–2022
Replaced
This second-generation NCS focused on improving Switzerland’s resilience to cyber incidents, enhancing early detection, response capacity, and private-public cooperation. It built upon the 2012 strategy, reflecting the rapidly evolving threat landscape and increasing interconnectivity in Swiss society. The strategy emphasized shared responsibility across public and private sectors.
2012–2017
Replaced
Switzerland’s first NCSS laid the foundation for national cybersecurity policy. It defined goals such as early threat detection, critical infrastructure protection, and cybercrime prevention. The strategy highlighted collaboration, subsidiarity, and a decentralized implementation approach. It also introduced seven key action areas including legal reforms, R&D, international cooperation, and risk analysis.