Market Observatory

Cybersecurity Market Intelligence

In order to evaluate the alignment between solution providers and the market demand, the NC3 is conducting regular market research with key partners. Here is the library of all published reports.

Cybersecurity Market Intelligence

Comprehensive market studies to better understand the cybersecurity market in Luxembourg

Regular market research and surveys to highlight the key trends, identify the needs and gaps in order to empower both the Luxembourg cybersecurity ecosystem and economy.

Our Latest Market Intelligence Report

The 2026 PQC Readiness Survey Report, conducted by NC3 in partnership with LuxQuantum, assesses Luxembourg's Post-Quantum Cryptography maturity across more than 25 organisations spanning IT leadership, CISOs, CIOs, and executives. The findings reveal an ecosystem broadly aware of the quantum threat yet slow to translate that awareness into concrete action — leaving significant gaps ahead of the EU's December 2030 deadline for full PQC adoption in high-risk use cases.

92% Awareness of PQC of respondents have heard of Post-Quantum Cryptography — but 40% have no designated PQC leader within their organisation

72% Leadership Support of respondents’ report leadership support for PQC initiatives more than half lack a defined strategy or roadmap For migration. Only a 16% have initiated pilots or Proofs of Concept (POC).

11% Vulnerability Assessment have identified which of their cryptographic systems are most vulnerable to quantum threats. Migration timelines vary significantly, with 48% unsure or expecting action only in five to ten years.

24% In-house PQC Expertise report having in-house PQC expertise, and most do not plan to invest in training or hiring within the next year.

Market Intelligence Reports Library

PQC Readiness Report

Awareness is widespread but shallow. While 92% of respondents have heard of PQC, only 16% have a defined roadmap, and 56% have not integrated quantum risk into training or risk management processes. On the strategic front, 48% have no migration plan whatsoever, and only 11% have assessed which of their cryptographic systems are most vulnerable to quantum attack. Workforce readiness is equally limited: just 24% report in-house PQC expertise, and most organisations have no plans to hire or train dedicated staff in the next 12 months.

The report identifies five action imperatives: formalise PQC governance and assign ownership; conduct a cryptographic inventory; prioritise high-risk systems and data for early migration; engage vendors and supply chain partners on PQC roadmaps; and adopt crypto-agility as a design principle so cryptographic algorithms can be updated over the lifetime of each system. With the EU Coordinated Implementation Roadmap requiring cryptographic inventories by 2026 and hybrid PQC deployments by 2026–2027, the window for preparation is narrowing rapidly.

We would like to thank Steve Purser,Independent cybersecurity Consultant CSPRO Services for his insightful feedback on the draft report and for helping to add additional practical use case. We would like to thank Samira Chaychi, Co-founder LuxQuantum for her insightful feedback on the draft report and for helping us clarify the PQC migration timeline.

Our research partners

2024 Cybersecurity Workforce Study

The National Cybersecurity Competence Center has launched the Market Intelligence Observatory Platform to strengthen cybersecurity market insights and support strategic decision-making. This initiative is underpinned by a series of studies designed to address the evolving needs of Luxembourg’s ecosystem.

The studies, including “A Comprehensive Market Study on Cybersecurity Challenges and Opportunities in Luxembourg’s SME Sector” and the “2023 Luxembourg Cybersecurity Ecosystem Study”, highlight the CYBERSECURITY LUXEMBOURG initiative and its role in fostering public-private collaboration through detailed mapping and interactive tools.

Key findings from the 2023 study point to a rapidly evolving ecosystem influenced by digital transformation, the Internet of Things (IoT), and emerging cyber threats:

82% of respondents cited human resources as a critical challenge, particularly in relation to location, recruitment, and retention.
77% expressed concerns regarding talent shortages and the complexities introduced by remote work.

In response, the “2024 Cybersecurity Workforce Survey” was launched in May 2024 to gather actionable insights and develop targeted solutions. The 17-week study saw strong community participation, underscoring a shared commitment to advancing the sector.

The report outlines both challenges and opportunities within Luxembourg’s cybersecurity landscape. To sustain growth, leadership must integrate cybersecurity into its core business strategies, foster a culture of collaboration, and provide clear career pathways with ongoing learning opportunities.

Our research partners

The 2023 Luxembourg cybersecurity ecosystem study

The 2023 Luxembourg Cybersecurity Market Study, conducted by the National Cybersecurity Competence Center (NC3) and Luxembourg House of Cybersecurity (LHC), offers an in-depth analysis of Luxembourg’s cybersecurity landscape. Over the past two decades, Luxembourg has significantly advanced its cybersecurity infrastructure, aligning with OECD guidelines and establishing itself as a key global player. The report highlights Luxembourg’s strong performance in the Global Cybersecurity Index and the need for continued improvements in organizational measures.

The study emphasizes the CYBERSECURITY Luxembourg initiative, launched in 2019 to foster public-private cooperation and enhance sector visibility through comprehensive mapping and an interactive dashboard. It reveals a dynamic ecosystem driven by digital transformation, IoT, and emerging cyber risks, with a focus on diverse revenue-generating activities.

We extend our heartfelt gratitude to all our partners, including the Chamber of Commerce, Conostix, Excellium, Innov’ICTion, #Mans, Telindus, and other contributing organizations. Special thanks to the Ministry of the Economy of Luxembourg and colleagues at the Luxembourg House of Cybersecurity for their invaluable support. Your contributions have been essential to the success of this study.

Our research partners

A Comprehensive Market Study on Cybersecurity Challenges and Opportunities in Luxembourg's SME Sector

In today's digital era, Small and Medium Enterprises (SMEs) are a double-edged sword. They significantly contribute to employment and GDP but are vulnerable to cybersecurity threats due to limited resources.

From freelancers using third-party services to mid-sized firms with in-house IT, SMEs share a heightened susceptibility to cyber risks. Cybersecurity readiness across SMEs is far from uniform, influenced by size, funding, and tech adoption levels. Amidst a digital push from European and Luxembourgish authorities, SMEs are adopting more complex technologies, increasing their exposure to potential cyberattacks. Given limited public and private investment in cybersecurity, this study aims to pinpoint crucial indicators to allocate resources effectively.

This needs assessment of SMEs represents the initial phase of a broader study focused on the national cybersecurity market. The goal is to evaluate the alignment between solution providers and their clientele. It is the fruit of collaboration between the Data For Research, Innovation, and Governance (D4RIG) team at the National Cybersecurity Competence Center of the Luxembourg House of Cybersecurity, in partnership with the ABBL, the Chambre of Commerce, the Chamber of Trades, the Federation of Craftsmen, the FEDIL, the House of Entrepreneurship, the House of Startups and the Luxembourg Ministry of the Economy.

Our research partners