InnovXInnovX

News ECYBRIDGE: Cyber Resilience at the Civil-Defence Crossroads

ECYBRIDGE: Cyber Resilience at the Civil-Defence Crossroads

Today, Europe’s critical infrastructure (ports, energy grids, logistics corridors) is under growing pressure from hybrid threats that blend cyberattacks, physical sabotage, and disinformation. In this landscape, the risks are no longer just technical, they’re strategic, societal, and urgent.

While the threat evolves fast, our systems remain slow. Civil, corporate, and defence actors often work in silos, slowed by complex regulation or lacking a common playbook. Yet resilience demands coordination. Real-time coordination.

This is where ECYBRIDGE comes in.

Backed by Digital Europe Programme, the ECYBRIDGE project brings together public and private actors to build dual-use cybersecurity solutions, protecting both civilian infrastructure and defence systems. With InnovX among its key partners, the project blends innovation support with real-world simulations, like the CyberX Day in Constanța, where participants tackled a coordinated multi-domain attack scenario.

In this article, we’ll explore what ECYBRIDGE is building and why it matters - through project insights and expert reflections. Not just to understand the threats, but to shape a smarter, faster, more united European response.

ECYBRIDGE Graphic

The ECYBRIDGE Project: A New Architecture for Dual-Use Cyber Innovation

At its core, ECYBRIDGE is more than a project. It is a systemic response to a shifting security landscape. As hybrid threats grow in complexity, Europe can no longer afford to treat civilian and defence cybersecurity as separate efforts. ECYBRIDGE is designed to build the connections between these worlds, encouraging collaboration, accelerating innovation, and supporting the development of dual-use solutions that can protect both public and strategic assets.

The Purpose: Bridging Civilian and Defence Cyber Gaps

Traditional cybersecurity approaches often fall short in the face of today’s interconnected threat environment. Attacks now ripple across sectors such as logistics, communications, energy, and transport, often combining physical and digital elements. ECYBRIDGE starts from the understanding that defending modern infrastructure requires more than sector-specific strategies. It requires a unified, ecosystem-wide approach.

The project supports the development of dual-use technologies that serve both civilian and defence needs. Whether it is real-time threat detection, early-warning diagnostics, or scalable response systems, the aim is to strengthen resilience across critical infrastructures and border-aligned networks alike.

The Consortium: Public Meets Private, National Meets European

Funded through the European Defence Fund, ECYBRIDGE brings together a diverse group of partners. These include national institutions, infrastructure operators, innovation accelerators, and technology providers. #InnovX plays a central role in facilitating these connections and fostering the involvement of startups capable of responding to emerging needs.

This combination of institutional leadership and entrepreneurial agility is essential. Through our STARTUPsX platform, InnovX brings to the ECYBRIDGE ecosystem a curated pipeline of dual-use innovators, startups developing technologies agile enough for the civilian world, yet powerful enough to scale into critical infrastructure and defence applications.

ECYBRIDGE is structured to unite perspectives across civil and defence domains, encouraging joint learning and mutual trust. The project’s strength lies in this diversity, which reflects the complexity of the challenges it aims to address.

How It Works: From Vision to Execution

ECYBRIDGE unfolds through a series of work packages that focus on research, capability development, and piloting. But the project goes beyond strategy and policy design. It emphasizes hands-on application and operational testing.

One of the clearest examples is #CyberXDay, organized at the Constanta Maritime University, Romania. This simulation immersed participants in a high-stakes scenario involving simultaneous attacks on energy, logistics, and communication systems, combined with waves of disinformation. Experts from across sectors were tasked with responding in real time, revealing gaps in coordination and decision-making under pressure.

Exercises like these are essential to the project’s mission. They help translate abstract strategies into real-world practices, identify vulnerabilities, and build the shared reflexes needed to respond effectively to future crises.

CyberXDay Simulation

Insights from the Ecosystem: 5 Reflections on Readiness

One of the most valuable aspects of ECYBRIDGE is the dialogue it creates across sectors. Following the CyberX Day simulation in Constanța, we gathered input from cybersecurity professionals, infrastructure operators, and defence-sector stakeholders to better understand where the ecosystem stands today, and what’s still missing.

Their responses point to recurring themes: the need for simplified frameworks, faster decision-making, realistic training, and a mindset shift in how we approach both coordination and complexity. Below are five critical reflections that emerged.

(1) Coordination First: The Need for Clear Public-Private Protocols

When defending critical infrastructure such as ports, energy grids, or communication lines, coordination between public and private actors is essential. Yet most respondents agree this coordination remains inconsistent or poorly defined.

What is missing most is clarity.

Participants stressed the need for well-defined roles, responsibilities, and procedures before an incident occurs. They highlighted the importance of practical exercises that reflect those rules, so all stakeholders know how to act in real-life situations. As one expert put it, “We need clear and simple policies and procedures, and we need to practice them. Otherwise, we will improvise, and that costs time we do not have.”

(2) Hybrid Threats Demand Objective Thinking and Critical Truth-Finding

As threats become increasingly hybrid - combining cyberattacks with physical disruption and disinformation - security teams must focus on more than just digital systems. They must also protect truth.

One respondent noted the growing danger of “positive” manipulation: disinformation that appears well-intentioned but subtly distorts reality or assigns blame. Without objective thinking, decisions made during a crisis can be skewed by emotion or bias. And as they pointed out, “Subjectivity in moments of crisis leads to irreversible errors.”

This reflection reframes hybrid defence as a challenge not only of systems, but also of perception. Identifying the truth quickly and accurately is a vital part of any coordinated response.

(3) Aligning Civilian, Corporate, and Defence Needs Without Overlap

The idea of a single cybersecurity framework that serves all sectors may sound efficient, but responses suggest it is not always realistic. Civilian, corporate, and defence systems often have different goals, timelines, and vulnerabilities. Attempting to unify them into one rigid protocol may do more harm than good.

Instead, respondents recommend a modular approach. Each sector can operate within its own tailored framework, while still maintaining the ability to collaborate when needed. As one expert explained, “It is not about mixing different realities. It is about knowing when and how to connect them.”

This kind of flexibility is essential for resilience. It allows for coordination without confusion.

(4) From Past Crises to Future Readiness

When looking back at previous cyber incidents, such as ransomware attacks on logistics or sabotage in energy systems, one lesson stood out. The first hours of a crisis are often lost to indecision and unclear chains of command.

Respondents emphasized that readiness must include pre-established frameworks and clear authority structures. Inter-agency coordination should not begin during the emergency but long before it. One participant noted, “Sometimes speed will overcome precision. In the early stages of a crisis, you just need to act.”

This calls for more than good policies. It requires practicing how those policies work under pressure.

(5) Preparing for Multi-Domain Attacks Means Acting in Advance

During the Constanța simulation, participants faced a scenario where multiple domains - logistics, energy, communications - were under attack at once. Their key takeaway was simple. You do not coordinate during the crisis. You prepare before it begins.

This preparation includes anticipating critical dependencies, assigning roles early, and training teams to respond in parallel. According to one expert, success depends on having a convergence model and an operations cell that already knows how to prioritize, communicate, and act.

In high-pressure situations, hesitation can be more dangerous than a wrong move. Building trust and coordination before the attack is the only way to respond effectively when it begins.

▶️What Comes Next

The reflections gathered through ECYBRIDGE underline a shared reality: Europe’s cybersecurity landscape is evolving faster than its frameworks. To protect critical infrastructure, we need faster coordination, smarter integration, and real-world collaboration across public, private, and defence sectors.

This is the work ECYBRIDGE has set in motion. Through joint simulations, ecosystem insights, and multi-country trainings, the project is helping shape not just reactive protocols, but proactive strategies. We are not just responding to threats. We are building resilience ahead of them.

If you’re working in cybersecurity, defence, infrastructure, or policy and want to be part of this effort, now is the perfect moment to engage.

Join Us for ECYBRIDGE Training 2 – Registration Now Open

From 30 September to 2 October 2025, we’re heading to Varna, Bulgaria, for the second ECYBRIDGE training session, hosted at the Nikola Vaptsarov Naval Academy and available online via Microsoft Teams.

This edition, titled “Common and Coordinated EU Efforts,” explores how Member States collaborate in real-time during major incidents. Expect deep dives into crisis communication, incident response, civil-defence cooperation, and cross-border coordination at the EU level.

✅ Participation is 100% FREE

📍 Onsite or online

🗓️ Registration deadline: 16 September 🔗 Register here

ECYBRIDGE Video

Let’s strengthen Europe’s cyber resilience, together.

🙌 Acknowledgements: A special thank you goes to Prof. Gabriel Raicu, Rector of Constanta Maritime University, and Dr. Nicu Iancu, Vice President of the MARITIME CYBERSECURITY CENTRE OF EXCELLENCE for their enduring leadership and vision. Their continuous commitment to strengthening civil-defence collaboration and fostering innovation at the Black Sea frontier has been a driving force behind ECYBRIDGE’s growing impact across Europe.