As the ongoing digital transformation leads to increased cybersecurity threats, the European Parliament’s Panel for the Future of Science and Technology (STOA) is organising a workshop on enhanced EU cooperation on cybersecurity in Brussels on 4 February 2026.
One of the speakers is Associate Chief Cybersecurity and Operational Officer, Florian Pennings of the European Union Agency for Cybersecurity (ENISA). This agency provides support to European countries and critical sectors for a better resilience against cybersecurity threats. We asked him about the state of cybersecurity in EU and where his agency helps fill the gaps.
Public administrations face over a third of EU cyberattacks. How does ENISA help member states protect their systems?
For example, the EU Cybersecurity Reserve consists of services from trusted managed security service providers to support the response and initiate recovery actions in the case of severe cybersecurity incidents.
The EU Cybersecurity Reserve focuses specifically on entities operating in sectors of high criticality or to affected entities operating in other critical sectors which includes public administration, primarily in support of EU member states and third associated countries.
We also support the development of National Cybersecurity Strategies and provide guidelines on cyber crisis management.
Where does the EU stand on cybersecurity overall?
Florian Pennings: Our EU-level risk assessment shows a substantial cyber threat level. We’re seeing threat actors actively exploiting discovered vulnerabilities targeting EU entities.
What role does the private sector play in supporting ENISA?
Florian Pennings: Cybersecurity is a team sport. Cybersecurity threats cannot be addressed in isolation and they are not bound by geographical borders. The knowledge and experience acquired by ENISA from the private sector is essential.
The ENISA Cyber Partnership Programme (CPP) creates a network of vendors and suppliers promoting information and knowledge exchange and situational awareness to foster stronger EU cybersecurity and preparedness.
The EU Cybersecurity Reserve also plays an important role as it foresees incident response services from trusted managed security service providers.
When we develop certification schemes, commercial experts join our working groups. And for over a decade, we’ve worked with Information Sharing and Analysis Centres, which bring together public and private entities to share cybersecurity knowledge.
As you see, the agency very much depends on its ability to receive relevant state-of-the-art expertise from the private sector.
What’s the biggest challenge in recruiting and retaining cyber talent?
Florian Pennings: The skills shortage is the one of the top emerging cyber threats, as organisations are struggling to recruit personnel with cybersecurity expertise, either because of a lack of candidates or because they lack the required skills.
ENISA has been working to promote professional upskilling. The European Cybersecurity Skills Framework (ECSF) creates a common understanding of the roles, competencies, skills and knowledge to facilitate cybersecurity skills recognition and to support the design of cybersecurity-related training programmes.
Secondly, the Cybersecurity Higher Education Database (CyberHEAD) is the largest public updated online repository of Higher Education Institutions (HEI) programmes on cybersecurity. The data coming from CyberHEAD show that the Higher Education Institutions are creating more programmes to respond to the workforce shortage. According to these data, the number of cybersecurity graduates has peaked at 3,100, with 25% growth over the past two years.
However, the cybersecurity workforce shortage in the EU is estimated at 300,000, a gap that cannot be closed with the current number of graduates.
Where’s the greatest need for stronger EU-level coordination?
Florian Pennings: Strengthening the shared situational awareness, setting up the EU’s vulnerability management infrastructure and services and enhancing the security of technologies and products will be crucial in the coming years.
ENISA also works with partners outside the EU. Why is this necessary?
Florian Pennings: Our international work adds value to partnerships that the EU and its member states already have.
We focus on actors who share our values and on engagements that strengthen our strategic objectives. For example, ENISA cooperates with Ukraine in the areas of capacity-building, the exchange of best practices and the sharing of information and knowledge.
Is AI more of an opportunity or a threat for EU cybersecurity?
Florian Pennings: The 2025 ENISA Threat Landscape report shows that the growing role of AI has become a key trend as threats evolve. AI is used as an optimisation tool for malicious activities, and also as a new point of exposure.
However, while AI can be exploited to manipulate expected outcomes and be used to facilitate the launch of cyberattacks, AI techniques can also enhance security operations and help mitigate adversarial attacks.