01499nas a2200157   4500000000100000000000100001008004100002653002900043653002900072653002300101100001700124245005700141300001200198490000700210520112400217       2022                            d10acybersecurity governance10acybersecurity ecosystems10acybersecurity mesh1 aAljosa Pasic00aGovernance Mesh Approach for Cybersecurity Ecosystem  a105-1300 v533 a<p>Four EU pilot projects have been launched in 2019 (ECHO, SPARTA, CSEU, and CONCORDIA) with the focus on specific context of EU Regulation that is establishing the European Cybersecurity Competence Centre (ECCC), together with the Network of National Coordination Centers (NCCs), and Competence community (CC). These projects are continuously providing their feedback on open issues regarding the overall governance in this emerging EU cybersecurity ecosystem. We look at similar cybersecurity initiatives from the past, as well as related work. While hybrid governance model, that combines top-down and bottom-up elements seems to be the most reasonable and acceptable outcome for all communities involved, there is a further need to decompose complex model and perform precise analysis of Processes, Rules, Norms, and Actions (PRNA), linked to fundamental areas of work of this ecosystem (e.g., capacity building, incident response, R&amp;D management etc.). This article provides an overview of several challenges that need to be addressed and presents the approach to governance we call “governance mesh.”</p>