Threat Landscape Amid Hybrid Conflicts
The ongoing conflicts in Ukraine, the Middle East, and the Indo-Pacific have intensified the shift toward hybrid warfare, with cyberspace emerging as a central battleground. In 2024 alone, Ukraine reported over 4,300 cyber incidents targeting critical infrastructure, while Taiwan faced an average of 2.4 million cyberattacks per day — double the rate of the previous year. Iran-linked groups launched waves of DDoS attacks and disinformation campaigns following escalations with Israel. These state-backed and ideologically driven threat actors have increasingly targeted not only military or government systems, but also civilian-facing platforms such as telecommunications, media, and public services. As global tensions spill into cyberspace, nations like Cyprus may face heightened exposure to these transnational threats, necessitating stronger defenses, faster threat intelligence sharing, and resilient infrastructure across sectors.
A particularly volatile front is the Israel–Iran cyber confrontation. In June 2025, a hack attributed to Israel-linked group “Predatory Sparrow” disrupted Iranian financial systems and drained over $90 million in cryptocurrency. In retaliation, Iran restricted national internet access by nearly 97%, while Israel reported a 700% surge in cyberattacks—ranging from defacement to disinformation—targeting public portals and infrastructure. This tit-for-tat escalation exemplifies the transformation of traditional conflicts into cyberwarfare and signals the urgent need for national and regional cyber defense capabilities.
NIS2: A New Era in Cybersecurity Governance
At the core of Cyprus’s strategy to confront this evolving threat environment is the full implementation of the NIS2 Directive. Transposed into national legislation in April 2025, the Directive expands the number of supervised entities from 70 to around 600. These include essential and important entities across sectors such as energy, health, finance, transport, and digital infrastructure.
To support compliance, we have developed a comprehensive audit framework and launched a stakeholder management platform covering all aspects of the supervisory relationship, including incident notifications, compliance reporting, alerts, and secure communications. This digital platform streamlines interactions and ensures that organizations receive timely guidance and support in meeting their obligations.
Despite the opportunities NIS2 presents in improving national resilience, it also brings challenges—most notably, the need for more qualified professionals and greater resource allocation by the affected entities. We are working closely with public and private stakeholders to ease this transition and foster a culture of shared responsibility in cybersecurity.
National CSIRT: Operational Maturity & Impact
In response to the surge in cyber threats, the National CSIRT has intensified its operations, handling more than 500 reported incidents in 2024 alone. The most affected sectors were Finance (24%), Telecommunications (19%), and Energy (14%). Top attack vectors included phishing, malware deployment, and distributed denial-of-service (DDoS) attacks. Common vulnerabilities exploited by threat actors included outdated software, inadequate password policies, and a general lack of cybersecurity awareness and culture.
The CSIRT has also proactively communicated threat intelligence to critical infrastructure operators and shared advisories with more than a dozen entities per week during high-risk periods. In 2025, the CSIRT began the process of obtaining Trusted Introducer (TI) certification, which will place it among Europe’s top CSIRTs. This certification recognizes operational maturity, 24/7 response readiness, and secure collaboration protocols—key elements in building trust with international partners.
Certification and CRA: Building Trust in Digital Products
In 2024, the European cybersecurity certification landscape took a significant step forward with the activation of the EUCC (EU Common Criteria) scheme under the Cybersecurity Act. This harmonized scheme allows for consistent certification of ICT products and services across the EU, increasing trust and interoperability. Cyprus has responded swiftly, establishing the National Cybersecurity Certification Authority (NCCA) designated as both the Notifying and Market Surveillance Authority, allowing Cyprus to strengthen its role as a regional Cybersecurity Services Center.
Looking ahead, the Cyber Resilience Act (CRA)—which entered into force in December 2024—adds another layer of regulatory obligation by introducing mandatory requirements for digital products. These include security-by-design, vulnerability management, and ongoing compliance throughout a product’s lifecycle. The NCCA is actively preparing stakeholders to meet these requirements, positioning Cyprus as a regional hub for certification services and compliance expertise.
National Cybersecurity Coordination Centre: Supporting Innovation and SMEs
The National Cybersecurity Coordination Centre (NCC-CY) completed its first major funding scheme in 2024, distributing €1 million to cybersecurity projects for SMEs. Building on that success, the Centre is now preparing four new funding initiatives totaling €5.5 million. These will support SMEs, tourism operators, startups, and entities within the scope of NIS2.
With more than 90 active members, the NCC-CY serves as a vibrant knowledge-sharing hub. It supports training, events, and international missions. Awareness campaigns target schools, professionals, and seniors. Future initiatives include gamified learning programs and collaborations with career counselors to promote cybersecurity as a viable and exciting career path for young people.
ICT Academy: Building the Skills for the Future
Founded in December 2023, the ICT Academy has quickly become a regional leader in cybersecurity education. It has hosted more than 170 events and trained over 5,000 participants from 30+ countries. Certified by HRDA (Human Resources Development Authority), the Academy offers hybrid and interactive learning. The ICT is another initiative which positions Cyprus as a regional hub for Cyber Security Services.
To expand accessibility and engagement, the Academy is developing a fully immersive Virtual Reality (VR) training platform and a new Learning Management System (LMS). It also plays a key role in two EU-funded projects: AKADIMOS, which focuses on governance and infrastructure for cybersecurity skills, and CADMUS, which provides practical training to SMEs, startups, and public sector institutions.
AI & Cybersecurity: Cyprus Takes on a Dual Mandate
In January 2025, the Council of Ministers designated our Office as the Notifying and Market Surveillance Authority for Artificial Intelligence, under the EU Artificial Intelligence Act (AI Act). This expanded mandate reflects our evolving role from cybersecurity enabler to digital technology regulator. The AI Act introduces a risk-based framework that prohibits certain AI practices and imposes strict requirements on high-risk systems, including those used in critical infrastructure, law enforcement, and migration management.
As the authority overseeing both cybersecurity and AI, we now operate at the intersection of two fast-evolving and highly consequential domains. AI is being increasingly used to secure systems—detecting threats faster, isolating malicious code, and predicting attack patterns. However, adversaries are also using AI to craft more evasive and adaptive attacks. This dual-use dynamic means that AI and cybersecurity must evolve together, underpinned by trust, transparency, and international cooperation.
Conclusion
Cyprus’s cybersecurity landscape is undergoing a rapid transformation, shaped by external pressures and internal reform. From regulatory expansion and institutional growth to educational innovation and regional leadership, we are laying the foundations of a resilient digital society. Through strategic investment, international collaboration, and a forward-looking governance approach, Cyprus is not only keeping pace with global developments—it is helping to shape the future of cybersecurity and AI governance in Europe.
