CCSIR
Back to news
Institutional16 March 2026CCSIR

CCSIR President Invited to EU Parliament Roundtable on the 2028–2034 Long-Term Budget

CCSIR President Invited to EU Parliament Roundtable on the 2028–2034 Long-Term Budget

On March 16, 2026, the European Parliament Bureau in Romania hosted a closed-door roundtable entitled "Investing in What Matters: The EU Long-Term Budget 2028–2034 - Security, Resilience, and Romania's Role in a Changing Europe" at the Titulescu Hall, Vasile Lascăr 31, Bucharest.

The event was part of a series of national consultations on the future EU budget and took place in the presence of Siegfried Mureșan, Member of the European Parliament and co-rapporteur for the EU Long-Term Budget 2028–2034. The roundtable gathered approximately 25 representatives from Romania's institutional, academic, and strategic communities, facilitated by Bianca Toma, Senior EU Affairs Specialist.

Roundtable at the European Parliament Bureau in Romania
Roundtable at the European Parliament Bureau in Romania

Andrei Avădănei, founder of DefCamp - the largest cybersecurity conference in Central and Eastern Europe - and president of CCSIR (the Romanian Cybersecurity Research Center), was among the invited speakers.

Remarks by Andrei Avădănei

Due to the condensed format of the roundtable, only a selection of the points below were delivered during the event. The full set of remarks, as prepared for the occasion, is presented here.

Speaking from 15 years of experience building DefCamp and CCSIR's ecosystem - which brings together industry, academia, the public sector, and young talent from dozens of countries and hundreds of organizations annually - Avădănei addressed several critical dimensions of the upcoming EU budget as they relate to cybersecurity.

Europe's Ambitions vs. Implementation Capacity

Europe has adopted its most ambitious legislative package in cybersecurity history: NIS2, the Cyber Resilience Act, and the AI Act. These regulations create real obligations for thousands of organizations - but without investment in implementation capacity, they risk becoming unfunded mandates. The MFF 2028–2034 allocates unprecedented sums for digital leadership, defense and security, and research. The question, Avădănei argued, is not whether the funding will exist, but whether Romania will be prepared to capture it and transform it into real capabilities.

From Consumer to Producer of Security

The new European Competitiveness Fund explicitly mentions cybersecurity hubs, testing facilities, and advanced capabilities - precisely the type of infrastructure needed to implement NIS2 and the Cyber Resilience Act at scale. The European Cybersecurity Competence Centre (ECCC), headquartered in Bucharest, already exists as the institution distributing these funds. Romania has the institution, the ecosystem, and the talent. What is missing is the step from consumer to producer: Romania must develop and export security tools - AI-based threat detection solutions, testing platforms, compliance toolkits for SMEs - rather than only importing them.

Avădănei also stressed that access to these funds for SMEs in Central and Eastern Europe must be simplified. If funding is captured exclusively by large integrators from Western Europe, European regulations end up being implemented with solutions from outside Europe.

Research and Defense - Security Labs as Dual-Use Infrastructure

With Horizon Europe and the defense window allocating significant resources for dual-use technologies, vulnerability research - discovering and responsibly disclosing security flaws in systems supporting critical infrastructure - is, by definition, a defense capability. Similarly, developing AI tools for threat detection and testing the security of AI systems themselves - a new domain mandated by the AI Act - is an area where Europe needs its own solutions.

Today, this type of research is done ad hoc, by communities of enthusiasts and independent researchers. With structural funding, Romania could become a European center for testing, evaluation, and development of security technology. CCSIR's platforms - CyberEDU and UNbreakable Romania, the largest cyber education program for students in the region - already demonstrate that the model works, with industry participating as active partners in competitions, research, and talent development.

The National Partnership Plan - The Ecosystem as Strategic Partner

The new MFF introduces National Partnership Plans that will include internal security measures - cybercrime, hybrid threats, and critical infrastructure protection. Avădănei warned that if Romania's plan is drafted exclusively by state institutions, the current model will be replicated: procuring foreign solutions without building local capabilities.

The proposal is straightforward: include the cybersecurity ecosystem - industry, technical community, academia, and education platforms - as a strategic partner in drafting the plan. DefCamp has demonstrated for 15 years that this model works: bringing national CERTs, companies, universities, and students to the same table produces results that no single sector can achieve alone.

Human Capital - The Skills Gap as Strategic Vulnerability

The final and unifying point: without people, any investment in infrastructure is fragile. Romania produces top-tier cyber talent - consistent results in European competitions, the first European organization to join the Global Cybersecurity Camp, and thousands of students trained through UNbreakable Romania. Yet this talent is systematically lost to Western markets.

The MFF 2028–2034 must fund not only specialist training but also talent retention in the EU's frontier states. Concretely: research fellowships tied to local commitments, funding for university labs connected to industry, and recognition of community programs as part of the European cyber talent pipeline.

Five Concrete Proposals

In closing, Avădănei outlined five concrete outcomes the MFF 2028–2034 can deliver for Romania:

  1. European cybersecurity hubs hosted in Romania
  2. Structurally funded security research labs
  3. Public-private partnerships linking industry, research, and education
  4. Talent retention mechanisms for cyber specialists in frontier states
  5. Ecosystem-wide participation in Romania's National Partnership Plan

"Europe has written the rules - NIS2, CRA, AI Act. Now it must invest in the people and communities that implement them. Romania exports cyber talent and imports security solutions. This budget is the opportunity to reverse that equation," Avădănei concluded.

Remarks by Siegfried Mureșan, MEP

Following the roundtable, Siegfried Mureșan - co-rapporteur for the EU Long-Term Budget 2028–2034 and Vice-Chair of the European People's Party (Christian Democrats) - shared his key takeaways:

Recent events confirm that security and defense, alongside strengthening the economy, must be priorities of the future EU Multiannual Budget. However, the European Parliament's position is clear: increased allocations for security should not come at the expense of traditional priorities such as agriculture and cohesion policy - Romania's main sources of European funding.

Mureșan emphasized that national security also means food security, and that cohesion policy contributes directly to safety through investments in transport and energy infrastructure. These funds can also support dual-use projects - both civilian and military - such as highways and railway infrastructure.

The Parliament's approach, he stressed, is to identify new own resources to grow the European budget without placing additional pressure on national budgets. One of the options under discussion is a contribution from the profits of technology giants.

Back to all news