How to create a successful cyber innovation ecosystem
Cities, regions and countries establish themselves as world-class innovation ecosystems for a multitude of technology verticals, including cybersecurity. But cybersecurity, like data science or AI, is not a vertical. It functions as a cross-cutting horizontal that can enable a stack of digital innovations (hardware and software) to proliferate new markets. So what makes a cybersecurity ecosystem different from any other innovation ecosystem, and how do we make one flourish?
I’ve observed four primary drivers of success during my tenure as the president of Global EPIC:
1. Co-location with other technology industry innovation ecosystems.
2. A dedication by the government to be a primary funder and a customer.
3. Aggressive and creative education and upskilling human capital in cybersecurity.
4. A robust public-private partnership model that drives leadership.
Cybersecurity as an enabler for innovation across verticals
As our economy becomes more digitised, the pathways for unsecured data also increase. An innovation ecosystem in cybersecurity co-located with a vertical technology hub has the potential to spur a new generation of digital technologies that are designed to be secure.
Global EPIC, a network of 30 cybersecurity innovation ecosystems from 22 different countries, facilitates global collaboration among digital security ecosystems to create positive local economic development for all economies. These hubs have well-developed cybersecurity ecosystems that complement a number of local technology verticals that are critical to the economy such as life sciences, advanced manufacturing, digital health, smart cities, fintech, robotics, industrial controls, public safety, smart mobility, and more. Intersections between these ecosystems can help establish industry standards and new design considerations that couldn’t be considered independently.
The role of government
Outside the realm of technology, cybersecurity often has a close relationship with public safety, and the most successful cyber innovation ecosystems tend to have strong government leadership. This makes digital security a measure of economic development strength, and not just military readiness.
This means that a culture of processes and practices designed to protect data needs to be present to attract new investment and protect existing stakeholders and institutions. It also means that the government is a willing customer of new technologies and can help entrepreneurs refine their scalable go-to-market strategies. Israel has demonstrated this most notably and serves as a model for economies all over the world. Across the Global EPIC membership, more than half of our members are funded primary through the government.
Beyond being a focus for an innovation ecosystem, cybersecurity must be a culture of practice in every home and workplace, just like cleaning a kitchen or submitting a company budget. By democratising the work of data security to everyone, it becomes a hallmark of a civil society.
This focus on cybersecurity can create pathways to employment for people who aren’t traditionally engaged in technology innovation. For example, if a human resources team or a pool of executive assistants is trained to actively practice data security compliance and monitoring, they will develop new skills and new perspectives that a traditional IT office may not consider. The recruitment of women into cybersecurity is a top priority for Global EPIC members, and this broadened workforce upskilling could increase the pipeline of female talent.
Finally, each Global EPIC member ecosystem has at least one research university or institute playing a leadership role in R&D, which is funded in partnership with the government and/or private industry. Academia offers these public-private partnerships a place to convene and experiment in a rich setting with a diversity of technical, business, and social science expertise and advanced technology. The public-private sector partnership also enables entrepreneurs to build more robust use cases.
In summary, to successfully grow a cybersecurity innovation ecosystem, each country, state, or city must:
- identify existing technology expertise areas where a digital security cluster may be complementary and incentivise the exchange to produce competitive products and services
- strategically offer the government as a customer for investment in the growth of startups and scaleups
- invest in school curriculums that teach data security as an essential part of any skills acquisition programme and support broad talent upskilling of existing human capital to include digital security skills
- advance R&D public-private partnerships with a government, academia, and private sector stakeholder group to solidify internationally notable expertise – including collaboration with multinational partners