Central and Eastern Europe (CEE) has long been recognized for its strong technical education, innovative mindset, and geopolitical significance. Yet, despite world-class talent and growing institutional support, the region still faces challenges in scaling its cybersecurity startups and securing sufficient investment.
These were among the key themes discussed in “CEE: The Cybersecurity Hub at the Heart of Europe”, a webinar hosted by Patrick Donegan of HardenStance on 30 September 2025. The expert panel included Joanna Swiatkowska (ECSO), Przemyslaw Deba (Orange Polska), Razvan Todor (Bitdefender), and Robert Sefr (Whalebone).
Highlights
- Education and Innovation: The CEE Region’s Deep Roots in STEM
- Cybersecurity Innovation and Expertise
- Institutions, Sovereignty, and Strategy
- Scaling Startups: Talent Without Capital
- From Regional Partners to Global Players
- A Region with Global Ambition
- TL;DR
Education and Innovation: The CEE Region’s Deep Roots in STEM
CEE’s cybersecurity strength begins in its classrooms. Joanna Swiatkowska emphasized the region’s long-standing focus on theoretical mathematics and computer science, which fosters analytical thinking and technical adaptability.
Przemyslaw Deba noted that the region’s resourcefulness has additional historical roots: during the Cold War, engineers had to innovate without access to Western technology. That “build-it-yourself” culture persists today, producing creative and technically proficient problem solvers.
However, while CEE excels in theory and engineering, Rober Sefr highlighted teacher shortages, and Razvan Todor pointed out a gap in commercial and entrepreneurial frameworks compared to Western Europe. Bridging that divide is key to scaling the region’s innovations globally.
Watch the full video discussion here
Cybersecurity Innovation and Expertise
CEE companies have an impressive record in cybersecurity innovation. From antivirus pioneers like Avast, AVG, Bitdefender, and ESET, to newer players in threat intelligence, secure communications, and identity management, the region continues to shape the global cybersecurity landscape.
As Robert Sefr recalled, early exposure to cyber threats fostered practical innovation – from homegrown antivirus tools in the 1990s to today’s privacy and authentication startups. Continuous exposure to real-world attacks, as Deba noted, keeps the region’s defenders sharp and adaptive.
Institutions, Sovereignty, and Strategy
The panel highlighted the CEE region’s vital institutional ecosystem. Estonia’s NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Latvia’s Strategic Communications Centre, and Romania’s European Cybersecurity Competence Centre (ECCC) exemplify how the region has become a backbone for Europe’s cyber strategy.
Digital sovereignty was another recurring theme. As Todor put it, Europe must “control its digital future” – its data, infrastructure, and critical technologies. Swiatkowska urged collaboration across borders and sectors: Europe must act as one to build true cybersecurity autonomy.
Sefr and Deba stressed that sovereignty should not slip into isolationism. Public-private collaboration and technological openness remain essential to resilience.
Watch the full video discussion here
Scaling Startups: Talent Without Capital
The discussion turned to one of Europe’s biggest challenges: funding. Swiatkowska cited ECSO research showing a €1.75 billion annual investment gap in European cybersecurity compared to the U.S.
CEE startups, though rich in ideas and talent, often lack the growth-stage capital to scale. As a result, many relocate or are acquired by non-European firms. ECSO’s forthcoming European Cybersecurity Investment Platform, for example, aims to change this, empowering VCs to back homegrown innovators.
Sefr and Todor both noted that mindset also matters, as many startups exit early rather than scaling to a position of global leadership. Shifting focus from acquisition to sustainable global growth could redefine success for the region.
From Regional Partners to Global Players
To close, Deba and Sefr offered practical paths for deeper collaboration with CEE cybersecurity firms:
- Leverage local expertise and cost-efficient, EU-compliant nearshore centers
- Co-develop technologies with regional startups to share R&D costs
- Build distributed operations across Europe to enhance resilience
Sefr also mentioned Whalebone’s DNS4EU and DNS4GOV initiatives as examples of scalable public-private collaboration – delivering protective DNS to schools, hospitals, and ministries through simple, high-impact technology.
A Region with Global Ambition
As Donegan concluded, CEE stands out not only for its technical excellence but also for its strategic position in shaping Europe’s cybersecurity future. The region’s blend of talent, resilience, and innovation makes it a natural hub – one that Europe cannot afford to overlook.
TL;DR
The 30 September 2025 webinar “CEE: The Cybersecurity Hub at the Heart of Europe” featured experts from European Cyber Security Organisation (ECSO), Bitdefender, Orange Polska, and Whalebone (DNS4EU Consortium Leader) who discussed:
- How CEE compares to Western Europe in STEM education and cyber talent development
- The sectors where CEE companies are leading in cyber innovation
- Key research institutes and cyber alliances shaping the region’s impact
- CEE’s growing role in Europe’s digital sovereignty and cybersecurity resilience
- Collaboration opportunities for European governments and enterprises
Watch the full video discussion here