ADAPTATION OF THE EUROPEAN MODEL OF CYBERSECURITY FUNDING IN UKRAINE
DOI:
https://doi.org/10.32782/2617-5940.2.2025.8Keywords:
cybersecurity, cyber resilience, NIS2, public-private partnership, cyber insurance, war risk, fiscal incentives, economic convergence, digital economy, EBRDAbstract
The article is devoted to the analysis and improvement of mechanisms for adapting the European model of cybersecurity financing in Ukraine as a tool for accelerating economic convergence with the European Union. It is shown that full-scale war has radically increased the importance of cyber resilience as a component of national and economic security. It has been established that the increase in the frequency and complexity of cyberattacks requires not only technological but, above all, financial and economic solutions. Key market failures have been identified - insufficient investment, information asymmetry, and “war risk exclusion”- which limit the market's ability to provide an optimal level of cyber protection. It has been substantiated that effective counteraction to these failures is only possible through a combination of EU regulatory standards (NIS2 Directive) and targeted financial incentives. A model for adapting European cyber financing practices is proposed, with a focus on creating a National Cyber Financial Fund (NCF) as a state reinsurer of catastrophic risks and introducing a system of fiscal incentives for investments in NIS2 compliance. It has been proven that the formation of mixed financing mechanisms (public-private and donor) will ensure the sustainability of investments in cybersecurity and send a positive signal to international investors. The study uses methods of qualitative policy analysis, comparative modeling, and structural-functional synthesis. The results of the study confirm that the adaptation of EU financial instruments in the field of cybersecurity contributes to increasing Ukraine's investment attractiveness, developing the digital economy, and integrating into European value chains.
References
SSSCIP of Ukraine. Cybersecurity: Market to hit $200m as attacks grow. (2024). Available at: https://itukraine.org.ua/en/ukraine-s-cybersecurity-market-to-hit-200m-as-attacks-grow-in-sophistication/ (accessed: 07.09.2025).
Weisman, Michael Kott, Alexander Ellis, Jason Murphy, Brian Parker, Travis Smith, Sidney Vandekerckhove, Joachim. (2023). Quantitative Measurement of Cyber Resilience: Modeling and Experimentation. 10.48550/arXiv.2303.16307. (2023). Available at: https://www.researchgate.net/publication/369623557_Quantitative_Measurement_of_Cyber_Resilience_Modeling_and_Experimentation (accessed: 07.09.2025).
The NIS2 Directive : European Commission. (2022). Available at: https://digital-strategy.ec.europa.eu/en/policies/nis2-directive (accessed: 07.09.2025).
Building Stronger Defences for a Digital Future: The Role of Cybersecurity : OECD. (2025). Available at: https://www.oecd.org/en/publications/economic-security-in-a-changing-world_78f3b129/full-report/building-stronger-defences-for-a-digital-future-the-role-of-cybersecurity_484bcb90.html (accessed: 10.09.2025).
NIST. Risk Management and Security Metrics: Challenges and Policy Solutions. (2017). Available at: https://www.nist.gov/system/files/documents/2017/05/09/report13-1.pdf (accessed: 10.09.2025).
Acre Security. Understanding NIS2: Why Companies Must Prioritize Compliance. (2024). Available at: https://acresecurity.com/blog/understanding-nis2-why-companies-must-prioritize-compliance (accessed: 27.09.2025).
Kiteworks. NIS2 Compliance Costs vs. Financial Benefits. (2024). Available at: https://www.kiteworks.com/regulatory-compliance/nis2-compliance-costs/ (accessed: 07.10.2025).
How Do Taxes Affect Investment and Productivity? An Industry-Level Analysis of OECD Countries : OECD. (2015). Available at: https://www.oecd.org/en/publications/how-do-taxes-affect-investment-and-productivity_230022721067.html (accessed: 07.10.2025).
Telefonica Tech. NIS2 Directive (II): Cyber Security obligations and their impact on European businesses. (2024). Available at: https://telefonicatech.com/en/blog/nis2-directive-ii-how-cyber-security-obligations-affect-european-businesses (accessed: 07.10.2025).
IT security soon to be exempt from debt brake? : Daturex GmbH. (2025). Available at: https://externer-datenschutzbeauftragter-dresden.de/en/data-protection/it-security-soon-to-be-exempt-from-debt-brake/ (accessed: 17.09.2025).
Aon. Bridging the NIS2 Cyber Security Gap. (2024). Available at: https://www.aon.com/en/insights/articles/bridging-the-nis2-cyber-security-gap (accessed: 27.09.2025).
EBRD. First Ukrainian companies take advantage of new war risk insurance. (2025). Available at: https://www.ebrd.com/home/news-and-events/news/2025/first-ukrainian-companies-take-advantage-of-new-war-risk-insuran.html (accessed: 27.09.2025).
MFA of Ukraine. Norway Joins the Tallinn Mechanism to Support Ukraine’s Cyber Resilience. (2025). Available at: https://mfa.gov.ua/en/news/norvegiya-priyednalasya-do-tallinnskogo-mehanizmu-pidtrimki-kiberstijkosti-ukrayini (accessed: 27.09.2025).
World Bank Group. Donor Financing Mechanisms for Supporting Ukraine. (2025). Available at: https://www.worldbank.org/en/country/ukraine/brief/world-bank-group-donor-financing-mechanisms-for-supporting-ukraine (accessed: 07.10.2025).
Educause. Frequently Asked Questions About Cyber Insurance. (2025). Available at: https://library.educause.edu/resources/2025/5/frequently-asked-questions-about-cyber-insurance (accessed: 07.10.2025).
Morgan Lewis. Update: Ukraine Conflict Has Implications for Cyberinsurance Policies, Including War Exclusions. (2022). Available at: https://www.morganlewis.com/pubs/2022/03/update-ukraine-conflict-has-implications-for-cyberinsurance-policies-including-war-exclusions (accessed: 07.10.2025).
On Amendments to Certain Laws of Ukraine Regarding Information Protection and Cyber Protection of State Information Resources and Critical Information Infrastructure Objects / Law of Ukraine No. 4336-IX of March 27, 2025. Available at: https://zakon.rada.gov.ua/laws/show/4336-20#Text (accessed: October 7, 2025).
The government approved the Plan for the implementation of the Ukraine Facility program: Ministry of Economy of Ukraine. Available at: https://www.kmu.gov.ua/news/uriad-zatverdyv-plan-dlia-realizatsii-prohramy-ukraine-facility (accessed: 07.10.2025).
ResearchGate. Current State of Public-Private Partnership in the Field of Cybersecurity: Ukrainian Experience. (2024). Available at: https://www.researchgate.net/publication/396022298_CURRENT_STATE_OF_PUBLIC-PRIVATE_PARTNERSHIP_IN_THE_FIELD_OF_CYBERSECURITY_UKRAINIAN_EXPERIENCE (accessed: 10.10.2025).
OUP/JIDS. Data privacy and cybersecurity regulations and their implications for foreign investors. (2024). Available at: https://academic.oup.com/jids/article/16/3/idaf020/8173308 (accessed: 10.10.2025).
Pinsent Masons. Insurance arrangements pivotal to Ukraine rebuild. (2023). Available at: https://www.pinsentmasons.com/out-law/analysis/insurance-arrangements-pivotal-ukraine-rebuild (accessed: 11.10.2025).
European Court of Auditors (ECA). EU Cybersecurity Spending. (2024). Available at: https://www.eca.europa.eu/lists/ecadocuments/brp_cybersecurity/brp_cybersecurity_en.pdf (accessed: 10.10.2025).
