Carme Artigas opens the ENISA Annual European Cybersecurity Skills Conference

The Spanish Presidency of the Council of the European Union is collaborating with the Spanish National Institute for Cybersecurity (INCIBE), an institute within the Ministry of Economic Affairs and Digital Transformation along with the Secretariat for Digitalisation and Artificial Intelligence, and the Spanish Ministry of Education and Vocational Training to organise the second “Annual European Conference on Cybersecurity Skills”.   

On 21 and 22 September, we will share and discuss progress regarding the promotion and support of the European Cybersecurity Skills Framework (ECSF) by ENISA, the European Union Agency for Cybersecurity, at the Parador Nacional de Segovia.   

The conference will also discuss ENISA's part in the European Commission's Cybersecurity Skills Academy programme. It will offer a chance to share ECSF implementation and adoption examples. This includes creating knowledge and training to increase the expert workforce, identifying ways to develop cybersecurity skills, tracking progress in closing the skills gap, and coordinating with governments, industry, and academia.  

There will be over 180 cybersecurity experts from Europe who will attend the event. The purpose is to talk about experiences, challenges, and best practices after implementing the ECSF. Furthermore, we will strive to improve and establish beneficial connections between ENISA-ECSF and other relevant initiatives at both the EU and Member State levels to increase awareness about the importance of promoting multi-stakeholder cooperation on cybersecurity skills.

Inauguration of the Conference  

The opening was attended by a number of key individuals, including Carme Artigas, the Secretary of State for Digitalisation and Artificial Intelligence; Félix Barrio, the Director General of INCIBE; Ingrina Taurina, the Head of the Executive Director Office for ENISA; Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission for promoting the European Way of Life; and Clara Sanz, the General Secretary for Vocational Training within the Spanish Ministry of Education.  

Carme Artigas highlighted the challenge that lies ahead for us in 2026: “to enhance Spain's capabilities in cybersecurity, promote the growth of the business ecosystem within this industry, and bolster the country's global leadership in this field.” She also highlighted the significance of programmes like INCIBE Emprende, the Strategic Initiative for Innovative Public Procurement (IECPI) which has an overall budget of 224 million euros, and the internationalisation of cybersecurity in companies, among others: "The cybersecurity industry in Spain is a significant contributor to generating wealth, employment, and companies in the rapidly growing digital security sector. To achieve this objective, the following actions will be taken: reinforcing and promoting the national cybersecurity industry, boosting research and development, and identifying and developing professionals to address the shortage of talent in the sector".   

Félix Barrio expressed gratitude to ENISA and the Ministry of Education for their collaborative efforts in organising this conference. He emphasised the significance of these initiatives and the globalisation of cybersecurity: “INCIBE focuses on aiding Spanish businesses in expanding globally, helping throughout all stages of the process including analysing and entering new markets, enhancing visibility abroad, and implementing in foreign markets.  Furthermore, they actively work towards attracting foreign investment and promoting Spain as a destination for cybersecurity projects”. He also stressed the importance of cybersecurity: "Cybersecurity is vital, now more than ever. Cybercrime is on the rise, with a staggering 90 million attacks taking place each year. The cost of these attacks stands at 10.5 billion euros, a significant increase from the 3 billion US dollars a decade ago and the 6 billion USD in 2021”.   

Finally, ENISA's Executive Director Juhan Lepassaar: "To implement all the current and upcoming EU legal requirements for cybersecurity, we need more skilled people. Without this human capital we cannot achieve our goal of a high level of cybersecurity across the EU”.

European Cybersecurity Skills Framework (ECSF)  

The European Cybersecurity Skills Framework (ECSF) is a useful resource for identifying and expressing the duties, abilities, proficiencies and information linked with the jobs of European cybersecurity experts. It's the standard set by the EU to determine and evaluate important abilities, as outlined in the Cybersecurity Skills Academy newly disclosed by the European Commission.  

The framework and its corresponding manual were showcased at the first ENISA cybersecurity aptitude conference in September 2022. In April 2023, the Commission created the Cybersecurity Skills Academy to combine various cyber skills initiatives and improve their coordination. This was done to eliminate the cybersecurity talent shortage, as well as to strengthen EU competitiveness, growth, and resilience.   

The ECSF is what the Academy will use to identify and evaluate important skills, keep track of changes in skills gaps, and give clues about new requirements. The influence and upcoming prospects of the ECSF, alongside its function in the Academy , will be outlined at the event.