By Miroslav Hajnoš

Cybersecurity is becoming a cornerstone of the European Union’s digital market. Recent data show that more than one fifth of EU businesses have already suffered cybersecurity incidents with tangible consequences, including data loss and service disruption. At the same time, the wider adoption of cybersecurity measures points to growing awareness of systemic risks in the digital environment.

This development reflects a broader transformation. Cybersecurity can no longer be understood merely as a technical or regulatory matter. As emphasised by the European Economic and Social Committee (EESC), it must be regarded as a key component of economic security and geopolitical resilience in the European Union. The smooth functioning of the digital market increasingly depends on trust, and that trust is directly linked to the ability to protect data, systems, and supply chains.

In the digital marketplace, users often lack the ability to judge how secure products and services really are. This information asymmetry makes cybersecurity not a background function, but a central mechanism for trust-building. In this context, the European cybersecurity certification framework plays a crucial role. Its purpose is to ensure that digital products and services meet harmonised security standards across Member States, strengthening confidence in the single market.

The EESC underlines that certification must be practical, transparent, and usable under real business conditions, particularly for cross-border operators. The principle of ‘one certification valid everywhere’ should become the norm, reducing market fragmentation and supporting the competitiveness of European companies.

Another critical issue is the security of supply chains. Cyber risks increasingly originate not within a single organisation, but across interconnected networks of suppliers and partners. Cybersecurity must therefore be addressed as an ecosystem challenge. At the same time, regulatory measures must remain proportionate, predictable, and sensitive to the capacities of small and medium-sized enterprises, which form the backbone of the European economy.

Human capital also plays a decisive role. The EESC highlights that cybersecurity resilience depends on skills, training, and organisational culture. Strengthening digital literacy and raising public awareness are therefore essential components of the overall framework. A well-informed society is more resilient by default and better able to reduce systemic vulnerabilities.

In this regard, civil society organisations play a unique and indispensable role. Working at the intersection of institutions, markets, and citizens, they translate complex policy frameworks into practical realities. In cybersecurity, their role goes beyond awareness-raising: they help ensure that policies reflect the lived experiences of businesses and individuals, improving both legitimacy and effectiveness.

For businesses, cybersecurity is increasingly becoming a matter of competitiveness. Companies that can ensure data protection and communicate their security practices clearly are better positioned to build customer trust and strengthen their market position. By contrast, cybersecurity incidents lead not only to financial losses, but also to serious reputational damage.

The future of the digital market will therefore not be shaped solely by technological innovation, but also by the ability to build and sustain trust. Cybersecurity is evolving into a comprehensive framework that connects regulation, economic performance, and communication. In the digital economy, one principle remains fundamental: without trust, there is no functioning market.