Europe Takes the Lead in Global Cybersecurity While Trump Weakens US Federal Efforts

13. júna 2025

New executive order from Trump cancels key cybersecurity initiatives from the Biden era, while the approach to cybersecurity on the other side of the Atlantic is markedly different – Europe is accelerating its digital security program.

On June 6, 2025, President Trump personally signed an executive order that canceled fundamental cybersecurity initiatives – from mandatory software security attestations for federal contractors, through AI-powered cyber defense research priorities, to accelerated planning for the transition to post-quantum cryptography. "These are problematic and distracting issues where the White House focuses on checklists instead of real security investments," the White House said about these initiatives.

The policy difference leads to a regulatory difference with serious consequences. Federal contractors in the US may feel less bureaucracy, but those operating in European markets will face a tightening EU environment. The EU's holistic approach includes the NIS2 directive, which sets cybersecurity requirements for all 27 member states, and the EU Cybersecurity Strategy for the Digital Decade, which focuses on technological sovereignty and the implementation of quantum-resistant encryption.

Where Europe Leads the World in Cybersecurity 

The EU's cybersecurity framework emphasizes the importance of digital technologies and global connectivity as foundations of growth and competitiveness. However, the more connected and digital society becomes, the more vulnerable it is to disruptions and cyber attacks. Hybrid threats and cyber attacks can have a direct impact on security, economy, and society within the EU. Member states bear primary responsibility for handling cyber incidents and crises, but large-scale events can cause disruptions that exceed their operational capabilities or affect more than one member state.

The EU Crisis Management Plan for Cybersecurity specifies when crisis frameworks are triggered, as well as the role of relevant European networks, actors, and mechanisms (for example, ENISA – the EU Agency for Cybersecurity, or EU-CyCLONe – the European Cyber Crisis Liaison Organisation Network) in crisis coordination and the EU's contribution to crisis response as part of EU tools under the 2018 Coordinated Plan on the development and use of AI. The framework clearly establishes the need to coordinate public communication before, during, and after crisis incidents and recognizes the importance of civil-military cooperation in the context of cyber crisis management, for example through cooperation with NATO and maximized information sharing.

Market Implications and Post-Quantum Leadership 

Most importantly, while the US is canceling its quantum-resistant encryption procurement requirements, European companies are already using these technologies. Global organizations today must address this regulatory complexity with advanced strategies and often duplicate security investments. The cancellation of federal AI security research priorities in the US may lead to a return of talent and investment to European projects, which could strengthen European innovation in key areas of cybersecurity.

European enterprises remain under regulatory pressure in the area of post-quantum technologies and may gain a significant first-mover advantage in this key security area. This experience includes practical implementation of cryptographic migrations that American institutions potentially lack, giving them a competitive advantage in global markets.

Context and Future Outlook 

The threat environment and legal framework of the EU for cybersecurity have evolved dramatically since 2017 through multiple cybersecurity management tools, such as the NIS2 directive and the Cyber Solidarity Act. The 2017 plan needed to be updated accordingly. Discussion of the European cybersecurity plan gained momentum during the Polish presidency, with the Polish Prime Minister leading a very successful informal TTE Council meeting on March 4-5 in Warsaw on cybersecurity.

The policy difference between the US and Europe may change the nature of global leadership in cybersecurity, with European standards potentially defining the worldwide standard for multinational enterprises. As the US federal government moves away from prescriptive cybersecurity requirements, the EU's continued expansion in security frameworks makes the Union the standard bearer for responsible cybersecurity practices.

Michalko, Matej. “Európa preberá vedenie v globálnej kybernetickej bezpečnosti, zatiaľ čo Trump oslabuje federálne úsilie USA” DefenceNews.sk, June 11, 2025. https://www.defencenews.sk/kyberbezpecnost/clanok/755068-europa-prebera-vedenie-v-globalnej-kybernetickej-bezpecnosti-zatial-co-trump-oslabuje-federalne-usilie-usa/

Accessed: 12. 6. 2025

8. júla 2026
On July 17, 2026, the deadline will expire by which central state administration bodies must, for the first time, identify critical entities under Act No. 367/2024 Coll. on Critical Infrastructure. This will be the first identification process following the approval of the Strategy for the Resilience of Critical Entities, and at the same time a significant milestone in the implementation of a new system for the protection of critical infrastructure in Slovakia.
8. júla 2026
Už 17. júla 2026 uplynie lehota, do ktorej majú ústredné orgány štátnej správy po prvýkrát identifikovať kritické subjekty podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre. Pôjde o prvú identifikáciu po schválení Stratégie odolnosti kritických subjektov a zároveň o významný míľnik pri zavádzaní nového systému ochrany kritickej infraštruktúry na Slovensku.
6. júla 2026
We continue our series of expert articles dedicated to the individual sectors of critical infrastructure under Act No. 367/2024 Coll. on Critical Infrastructure. Today we take a closer look at the public administration sector. 
6. júla 2026
Pokračujeme v sérii odborných článkov, venovaných jednotlivým sektorom kritickej infraštruktúry podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre. Dnes sa pozrieme na sektor verejnej správy.
3. júla 2026
Another article in the series in which we present the essential services of critical infrastructure under Act No. 367/2024 Coll. on Critical Infrastructure. 
3. júla 2026
Ďalší článok zo série, v ktorej predstavujeme základné služby kritickej infraštruktúry podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre.
30. júna 2026
The strategic partnership between the Critical Infrastructure Association of the Slovak Republic and the Indian government organization Centre for Development of Telematics (C-DOT) has generated significant media attention in India as well. The topic of cooperation in quantum technologies, digital security, and critical infrastructure protection has appeared in several Indian media outlets and on professional platforms.
30. júna 2026
Strategické partnerstvo medzi Asociáciou kritickej infraštruktúry Slovenskej republiky a indickou vládnou organizáciou Centre for Development of Telematics (C-DOT) vyvolalo výrazný mediálny ohlas aj v Indii. Téma spolupráce v oblasti kvantových technológií, digitálnej bezpečnosti a ochrany kritickej infraštruktúry sa objavila vo viacerých indických médiách a na odborných platformách.
25. júna 2026
The Slovak Republic and the Republic of India are expanding cooperation in the field of digital security and advanced cryptographic technologies. On the occasion of the visit of the Prime Minister of the Republic of India, Narendra Modi, to Slovakia, the Critical Infrastructure Association of the Slovak Republic (AKI SR) and the Indian government organization Centre for Development of Telematics (C-DOT) signed a Memorandum of Understanding, which establishes a foundation for the joint development and implementation of quantum-safe technologies and the protection of critical infrastructure.
25. júna 2026
Slovenská republika a Indická republika rozširujú spoluprácu v oblasti digitálnej bezpečnosti a pokročilých kryptografických technológií. Asociácia kritickej infraštruktúry Slovenskej republiky (AKI SR) a indická vládna organizácia Centre for Development of Telematics (C-DOT) podpísali pri príležitosti návštevy predsedu vlády Indickej republiky Narendru Modiho na Slovensku Memorandum o porozumení, ktoré vytvára základ pre spoločný vývoj a implementáciu kvantovo bezpečných technológií a ochranu kritickej infraštruktúry.