Filter Search for grants
Call key data
Support for implementation of EU legislation on cybersecurity and national cybersecurity strategies
Estimated EU contribution per project
between € 1,000,000.00 and € 5,000,000.00
Link to the call
Link to the submission
The action focuses on capacity building and the enhancement of cooperation on cybersecurity at technical, operational and strategic levels, in the context of existing and proposed EU legislation on cybersecurity in particular the NIS2 Directive (Directive (EU) 2022/2555), the Cybersecurity Act and the proposed Cyber Resilience Act, and the Directive on attacks against information systems (Directive 2013/40). It complements the work of SOCs in the area of threat detection. It is a continuation of work currently supported under the previous WP.
The action also aims at improving industrial and market readiness for the cybersecurity requirements set in the proposal for a regulation on cybersecurity requirements for products with digital elements, known as the Cyber Resilience Act bolstering cybersecurity rules to ensure more secure hardware and software products.
Proposals should contribute to achieving at least one of these objectives;
- Development of trust and confidence between Member States.
- Effective operational cooperation of organisations entrusted with EU or Member State’s national level cybersecurity, in particular cooperation of CSIRTs (including in relation to the CSIRT Network) or cooperation of Operators of Essential Services including public authorities.
- Better security and notification processes and means for Operators of Essential Services and for digital service providers in the EU.
- Better reporting of cyber-attacks to law enforcement authorities in line with the Directive on attacks against information systems.
- Improved security of network and information systems in the EU.
- More alignment of Member States’ implementations of NIS2 (Directive (EU) 2022/2555).
- Support cybersecurity certification in line with the Cybersecurity Act.
The action will focus on the support of at least one of the following priorities:
- Implementation, validation, piloting and deployment of technologies, tools and IT-based solutions, processes and methods for monitoring and handling cybersecurity incidents.
- Collaboration, communication, awareness-raising activities, knowledge exchange and training, including through the use of cybersecurity ranges, of public and private organisations working on the implementation of NIS2 (Directive (EU) 2022/2555).
- Twinning schemes involving originator and adopter organisations from at least two different Member States to facilitate the deployment and uptake of technologies, tools, processes and methods for effective cross-border collaboration preventing, detecting and countering Cybersecurity incidents.
- Robustness and resilience building measures in the cybersecurity area that strengthen suppliers’ ability to work systematically with cybersecurity relevant information or supplying actionable data to CSIRTs.
- Ensure that manufacturers improve the security of products with digital elements since the design and development phase and throughout the whole life cycle.
- Ensure a coherent cybersecurity framework, facilitating compliance for hardware and software producers.
- Enhance the transparency of security properties of products with digital elements.
- Enable businesses across all sectors and consumers to use products with digital elements securely.
- Support to Cybersecurity certification, including support to national cyber authorities and other relevant stakeholders, such as SMEs.
The support will target relevant Member State competent authorities, which play a central role in the implementation of NIS2 (Directive (EU) 2022/2555), as well as other actors with the scope of this Directive.
The action may support amongst other the continuation of the kind of cybersecurity activities funded through the CEF Telecom programme, building where relevant on the results from the CEF projects.
Support will be provided amongst other for the on boarding to the CEF Cybersecurity Core Service Platforms of public and private organisations working on the implementation of NIS2 (Directive (EU) 2022/2555) and are potential users of the CEF Cybersecurity Core Service Platforms.
The action also supports industry, with a particular focus on start-ups and SMEs, to seize the industrial and market uptake opportunities given by the proposed Cyber Resilient Act and Cybersecurity Act.
- Incident management solutions reducing the overall costs of cybersecurity for individual Member States and for the EU as a whole.
- Better compliance with NIS2 (Directive (EU) 2022/2555) and higher levels of situational awareness and crisis response in Member States.
- Organization of events, workshops, stakeholder consultations and white papers.
- Enhanced cooperation, preparedness and cybersecurity resilience in the EU.
- Support actions in the area of certification.
Regions / countries for funding
Island (Ísland), Liechtenstein, Norway (Norge)
Education and training institution, Non-Profit Organisation (NPO) / Non-Governmental Organisation (NGO), Other, Private institution, incl. private company (private for profit), Public Body (national, regional and local; incl. EGTCs), Research Institution incl. University, Small and medium-sized enterprise (SME)
To be eligible for funding, applicants must be:
- legal entities (public or private bodies)
- established in one of the eligible countries:
- EU Member States (including overseas countries and territories (OCTs))
- EEA countries (Norway, Iceland, Liechtenstein) for all topics
Natural persons are NOT eligible (with the exception of self-employed persons, i.e. sole traders, where the company does not have legal personality separate from that of the natural person).
International organisations — International organisations are not eligible, unless they are International organisations of European Interest within the meaning of Article 2 of the Digital Europe Regulation (i.e. international organisations the majority of whose members are Member States or whose headquarters are in a Member State).
EU bodies — EU bodies (with the exception of the European Commission Joint Research Centre) can NOT be part of the consortium.
Relevance for EU Macro-Region
EUSAIR - EU Strategy for the Adriatic and Ionian Region, EUSALP - EU Strategy for the Alpine Space, EUSBSR - EU Strategy for the Baltic Sea Region, EUSDR - EU Strategy for the Danube Region
UN Sustainable Development Goals (UN-SDGs)
Proposals must be submitted electronically via the Funding & Tenders Portal Electronic Submission System (accessible via the Topic page in the Search Funding & Tenders section. Paper submissions are NOT possible.
Proposals must be complete and contain all the requested information and all required annexes and supporting documents:
- Application Form Part A — contains administrative information about the participants (future coordinator, beneficiaries and affiliated entities) and the summarised budget for the project (to be filled in directly online)
- Application Form Part B — contains the technical description of the project (to be downloaded from the Portal Submission System, completed and then assembled and re-uploaded)
- Mandatory annexes and supporting documents (to be uploaded):
- detailed budget table/calculator: not applicable
- CVs of core project team: not applicable
- activity reports of last year: not applicable
- list of previous projects: not applicable
- ownership control declarations
Proposals are limited to maximum 70 pages (Part B).