Cyber Security Business Development Mission to Poland and Romania; May 11-15, 2015

Mission Description

The United States Department of Commerce, International Trade Administration (ITA), is organizing an Executive-led Cyber Security Business Development Mission to Poland and Romania from May 11-15, 2015.

The purpose of the mission is to introduce U.S. firms and trade associations to Eastern and Central Europe's information and communication technology (ICT) security and critical infrastructure protection markets and to assist U.S. companies to find business partners and export their products and services to the region. The mission is intended to include representatives from U.S. companies and U.S. trade associations with members that provide cyber security, critical infrastructure protection, and emergency management technology equipment and services. The mission will visit Poland and Romania, where U.S. firms will have access to business development opportunities across the Eastern and Central European region. Participating firms will gain market insights, make industry contacts, solidify business strategies, and advance specific projects, with the goal of increasing U.S. exports of products and services to Eastern and Central Europe. The mission will include customized one-on-one business appointments with pre-screened potential buyers, agents, distributors and joint venture partners; meetings with state and local government officials and industry leaders; and networking events.

The mission also will include a significant regional component to expand the reach of the companies to at least 10 other potential markets (Bulgaria, Moldova, Hungary, Serbia, Croatia, Macedonia, Bosnia, Montenegro, and Slovenia) in Central and Eastern Europe. Foreign Commercial Service (FCS) offices in Europe work together to meet the needs of U.S. companies and will recruit government officials, potential buyers and suppliers from surrounding countries to come to Bucharest and possibly Poland, to meet with companies to discuss opportunities in their markets. There will be a dedicated day where companies will receive presentations on opportunities in these markets in the region by either FCS staff or country experts and then meet with companies one-on-one. The mission will also organize optional virtual introductions with companies or government officials not able to come to one of the two trade mission stops. This innovative approach will provide companies more value by bringing opportunities to the companies without having to travel to each market.

Commercial Setting

Cyber security ensures realization and controlling of vital security properties of an organization's, as well as users' intellectual, financial, and infrastructure assets against relevant security risks in the cyber environment. In addition, critical physical infrastructure systems (i.e., safety, security, electrical, water, energy, and traffic management systems) essentially interact with, and cannot be separated from, the critical information infrastructure. With the ascending growth and sophistication of cyber-attacks in recent years, strict compliance and unified security packages are in demand to protect the critical data, infrastructure, and safety of governments, military, public utilities, banking, financial services, ports, hospitals, and other businesses. The damaging effects of cyber-threats can be felt on many levels from the business to the individual and can spill over across borders. Therefore, nations in Eastern and Central Europe are currently dedicating increasing resources at the executive policy level, as well as at the private sector level, in order to deal with these complex cyber threats. These resources have been well utilized as is evident from the innovations and demand for cyber defense equipment and service technologies.

Recent events in the region have also heightened the importance of improving cyber security protection. Governments have made cyber security a policy priority, creating task forces and engaging with the United States government (USG) to improve their defenses. The trade mission will not only focus on the countries visited, but will also use ITA's Commercial Service network to include opportunities for matchmaking with companies and governments from across the region in the program.

Poland

In June 2013, the Polish government adopted a Cyberspace Protection Policy for the country. The Ministry of Administration and Digitization is responsible for Polish ICT policy, including the implementation of an information society agenda, and is also in charge of all public ICT projects. The prevailing trends for digitalization and mobility further expose ICT users to a range of security threats. As a result, there are good opportunities for suppliers of all ICT security related solutions designed for customers ranging from private users, small businesses, through large sophisticated corporate networks and top level critical public infrastructure projects.

The demand for IT security products and services has been growing dynamically and continuously over the last few years. In addition, highly publicized news reports of attacks have led to a rapidly growing awareness of cyber security threats. In 2013, IT security products and services grew twice as fast as the market for IT products and services in general. At the end of 2013, the Polish market for IT cyber security products reached USD 156 million. Security software represented 59% of the market, while 41% fell on IT security appliances. The market for IT security products is expected to grow at over 10% a year over the next five-years.

There are good prospects for all kinds of security software and security appliances. Security audits and outsourcing of managed security services represent the highest potential for IT security services. There are business opportunities in all market segments, but most investments in this area are done in the telecommunications, financial and banking, as well as the public sectors. This applies mostly to large projects sponsored by large companies or organizations.

Romania

The Romanian market consists of three key segments: Small to medium-sized enterprises (SME), corporations, and the Romanian government, including civil, security, military, and critical national infrastructure (e.g., utilities and telecoms). Romania, with an increasingly high interdependence of cyber infrastructure and sectors such as banking, transportation, energy and national defense, is facing cyber threats to critical infrastructure. The threats to these parties can be combated using hardware, software, services, or a combination of the three. Software solutions are a major portion of the market, with anti-virus and other security software programs being deployed in businesses of all types and sizes. The security services sector is expected to outpace that of the software market. Within the security hardware sector, companies are demanding more Unified Threat Management (UTM) appliances as they adopt increasingly integrated security solutions on a tighter budget. As companies face more and more security breaches, they are taking more proactive measures to ensure information technology (IT) security and their assets. While opportunities exist to supply organizations of all sizes, from SMEs to large corporations, the most substantial opportunities are to be found in organizations for which IT security is mission critical, e.g., major financial institutions, utilities and especially government departments (including Government headquarters, Ministry of Defense, Immigration and Border Protection, Revenue and Customs, etc.). Major Cyber security projects in development in Romania include the creation of a Cyber security Innovation Center, with assistance from the U.S. Trade and Development Agency, and a Regional Cybercrime Training Center for the Romanian Police.

Romania's demand for cybersecurity technology is included in its recently legislated Cybersecurity Strategy and the National Action Plan on implementation of National Cybersecurity System. By the end of 2014, Romania plans to adopt a cybersecurity law, currently under public consultation. The draft law covers both Network and Information Security (NIS) and cyber threats from a national security perspective and was approved by the Supreme Council for National Defense at the end of 2013. The Romanian National Computer Emergency Response Team (CERT-RO), which aligns directly with European Union (EU) critical infrastructure protection mandates, was established in 2011. CERT-RO is the incident response body responsible for "preventing, analyzing, identifying and reacting to cybernetics incidents" and for developing public policies to prevent and counteract cyber-attacks.

The National Cybersecurity System will represent a cooperation platform for CERT schemes and will act to consolidate the expertise for cyber security risk management, stimulating cooperation at different layers (military-civil, public-private, government-nongovernment). The Romanian legal/institutional framework could later be affected by the developments of the Regulatory Framework at the European level.

The prospect for highly specialized cybersecurity engineering services and products presents multiple opportunities for U.S. exports. The cybersecurity systems already in place in Romania are based on U.S. technologies and the cyber security training to date originate from the United States. There is still a great need to build capabilities to detect and manage cyber security incidents, the cyber security risk management process, including consulting and technical support at the strategic management level. Once cyber security audits became mandatory, there will also be a need for training, tools, technology, consulting services, etc.

Other Products and Services

--This is a summary of a Federal Register article originally published on the page number listed below--

Notice.

Citation: "79 FR 58746"

Federal Register Page Number: "58746"

"Notices"