Close X


Call: Dynamic business continuity and recovery methodologies based on models and prediction for multi-level Cybersecurity

Logo
Programme
Acronym HE-CL3-CS
Type of Fund Direct Management
Description of programme
"Horizon Europe - Cluster 3 - Destination 4: Increased Cybersecurity"

Europe is in the midst of a digital transformation. Digital technologies are profoundly changing our daily life, our way of working and doing business, and the way people travel, communicate and relate with each other. Digital communication, social media interaction, artificial intelligence, e-government, e-commerce and digital enterprises are steadily transforming our world. They are generating an ever-increasing amount of data, which, if pooled and used, can lead to a completely new means and levels of value creation. The more interconnected we are, however, the more we are vulnerable to cyber threats.

Digital disruption, notably caused by malicious cyber activities, not only threaten our economies but also our way of life, our freedoms and values, and even try to undermine the cohesion and functioning of our democracy in Europe.

Regardless of the economic, political or personal motivations behind the cyber threats, securing our future wellbeing, freedoms, democratic governance, and prosperity depend on improving our capacity to shield the EU from malicious attacks and to address digital security weaknesses in general. The digital transformation requires improving cybersecurity substantially, so as to ensure the protection of the increasing number of connected devices and the safe operation of network and information systems, including the ones used in power grids, drinking water supply and distribution services, vehicles and transport systems, hospitals and the overall health system, finances, public institutions, factories, and homes. Europe must build resilience to cyber-attacks and create effective cyber deterrence, while making sure that data protection and freedom of citizens are strengthened. These efforts should include considerations for particularly vulnerable organisations and citizens.

The technological tools of cybersecurity are strategic assets, as well as being key growth technologies for the future. It is in the EU's strategic interest to ensure that the EU retains and develops the essential capacities to secure its digital economy, society and democracy, to protect critical hardware and software and to provide key cybersecurity services.

Cybersecurity research and innovation activities will support a Europe fit for the digital age, enabling and supporting digital innovation while highly preserving privacy, security, safety and ethical standards. They will contribute to the implementation of the digital and privacy policy of the Union, in particular the NIS Directive [[Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (NIS Directive).]], the EU Cybersecurity Act [[Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act).]], the EU Cybersecurity Strategy [[Joint Communication to the European Parliament and the Council The EU's Cybersecurity Strategy for the Digital Decade JOIN/2020/18 final.]], the GDPR[[Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).]], and the future e-Privacy Regulation.

Research and innovation will build on the results of Horizon 2020 such as the pilot projects funded under SU-ICT-03-2018 [[Establishing and operating a pilot for a Cybersecurity Competence Network to develop and implement a common Cybersecurity Research & Innovation Roadmap.]].and other relevant H2020 topics and cybersecurity activities (e.g. carried out by ENISA [[https://www.enisa.europa.eu/]] or relevant parts of work of the EIT Digital[[https://www.eitdigital.eu/]]). The activities will be aligned as relevant with the future objectives of the Cybersecurity Competence Centre and Network of National Coordination Centres (Commission proposal COM(2018) 630). They will be complementary to actions under the Digital Europe Programme, Specific Objectives 3 and 4, which will strengthen EU cybersecurity capacity by support to deployment of cybersecurity infrastructures and tools across the EU, for public administrations, businesses, and individuals, and support digital skills including in cybersecurity. For example support is foreseen to specialised education programmes or modules in key capacity areas such as cybersecurity. Generally, cybersecurity is a horizontal challenge and is not be limited to Horizon Europe Cluster 3. In addition to the calls of the Horizon Europe of Cluster 3 - Civil Security for Society, other activities relevant for Cybersecurity will be supported in particular in the Work Programme part of Cluster 4 - Digital, Industry and Space.

Research and innovation results may feed into the operational work on preparedness and response in the Joint Cyber Unit [[see section 2.1 in The EU's Cybersecurity Strategy for the Digital Decade, JOIN(2020) 18 final. https://eur-lex.europa.eu/legal-content/GA/TXT/?uri=CELEX:52020JC0018]].

Expected impacts:

Proposals for topics under this Destination should set out a credible pathway contributing to the following impact of the Strategic Plan 2021-2024: "Increased cybersecurity and a more secure online environment by developing and using effectively EU and Member States’ capabilities in digital technologies supporting protection of data and networks aspiring to technological sovereignty in this field, while respecting privacy and other fundamental rights; this should contribute to secure services, processes and products, as well as to robust digital infrastructures capable to resist and counter cyber-attacks and hybrid threats".

More specifically, proposals should contribute to the achievement of one or more of the following impacts:

  • Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
  • More resilient digital infrastructures, systems and processes
  • Increased software, hardware and supply chain security
  • Secured disruptive technologies
  • Smart and quantifiable security assurance and certification shared across the EU
  • Reinforced awareness and a common cyber security management and culture
Link Link to Programme
Call
Dynamic business continuity and recovery methodologies based on models and prediction for multi-level Cybersecurity
Description of call
"Dynamic business continuity and recovery methodologies based on models and prediction for multi-level Cybersecurity"

Expected Outcome:

Projects are expected to contribute to all of the following expected outcomes:

  • Advanced self-healing disaster recovery and effective business continuity in critical sectors (e.g. energy, transportation, health);
  • Enhanced mechanisms for exchange of information among relevant players;
  • Better disaster preparedness against possible disruptions, attacks and cascading effects;
  • Better business continuity covering two or more sectors.

The proposal should provide appropriate indicators to measure its progress and specific impact.

Scope:

This action aims at developing new methodologies, services and tools for accelerating the self-recovery and possible adaptation of the infrastructures and supply chains after an attack. In line with the NIS Directive the focus should be on critical sectors (e.g. energy, transportation, health) as well as telecommunication networks. The proposal should go beyond the state-of-the-art in developing and validating AI-based self-healing, effective business continuity and disaster recovery in real-world scenarios covering two or more business sectors and supporting their private and public actors.

Cyber threat intelligence and situational awareness need to be developed from the current research level towards strategic considerations, and down to real-time events. This requires collaboration and data sharing between different security actors and should be based on a collection of heterogeneous data, models and predictions for multi-level security. Cyber incidents are likely to require the efforts from a heterogeneous network of organisations or a network of business units inside a single organisation, both when it comes to prevention, detection and response. The solutions (technologies, methods, tools, procedures, practices and/or strategies including escalation and de-escalation) developed must satisfy the needs of the end-users and support daily tasks, efficient and effective operations and ensure business continuity. Thus, an organisational perspective should be included. Furthermore, the methods for exchanging information and the actors considered should build, whenever possible, on the current practices in line with the NIS Directive.

The proposed solutions should include dynamic execution of disruption recovery and business continuity processes. They should dynamically extract all relevant digital evidence, information and digital traces, provide real-time personalised technical assistance, share information and real-time alerts with relevant stakeholders.

Human factors (e.g. behavioural, psychological, physical, cultural and gender) need to be considered appropriately in all aspects of the proposed solution. Proposals should build on existing research and projects, clearly identify the state-of-the-art and explain the strengths of the new solution in the context of the chosen sectors.

Research should address the risks and impact of a cyber-incident on the business itself, using appropriate KPIs, but also possible cascading effects of cyber incidents for critical infrastructure (including potential cross-sectoral and cross-border impacts) and society overall.

The research should include a proof of concept in order to validate the claimed progress and show the benefits in an adequate testing environment involving real end-users. End-users should be involved in all steps of the cycle from design to development and testing. Participation of SMEs is encouraged. This topic requires the effective contribution of SSH disciplines and the involvement of SSH experts, institutions as well as the inclusion of relevant SSH expertise, in order to produce meaningful and significant effects enhancing the societal impact of the related research and innovation activities.

Link Link to Call
Thematic Focus Research & Innovation, Technology Transfer & Exchange, Capacity Building, Cooperation Networks, Institutional Cooperation, Clustering, Development Cooperation, Economic Cooperation, Digitisation, ICT, Telecommunication, Administration & Governance, Justice, Safety & Security, Mobility & Transport/Traffic , Health, Social Affairs, Sports, Disaster Prevention, Resiliance, Risk Management, Energy Efficiency & Renewable Energy, Competitiveness, SME
Funding area EU Member States
Overseas Countries and Territories (OCTs)
Origin of Applicant EU Member States
Overseas Countries and Territories (OCTs)
Eligible applicants Research Institution, International Organization, Public Services, University, Federal State / Region / City / Municipality / Local Authority, National Government, Small and Medium Sized Enterprises, SMEs (between 10 and 249 employees), NGO / NPO, Enterprise (more than 250 employees or not defined), Lobby Group / Professional Association / Trade Union, Education and Training Centres
Applicant details

eligible non-EU countries:

  • countries associated to Horizon Europe
At the date of the publication of the work programme, there are no countries associated to Horizon Europe. Considering the Union’s interest to retain, in principle, relations with the countries associated to Horizon 2020, most third countries associated to Horizon 2020 are expected to be associated to Horizon Europe with an intention to secure uninterrupted continuity between Horizon 2020 and Horizon Europe. In addition, other third countries can also become associated to Horizon Europe during the programme. For the purposes of the eligibility conditions, applicants established in Horizon 2020 Associated Countries or in other third countries negotiating association to Horizon Europe will be treated as entities established in an Associated Country, if the Horizon Europe association agreement with the third country concerned applies at the time of signature of the grant agreement.

  • low-and middle-income countries

Legal entities which are established in countries not listed above will be eligible for funding if provided for in the specific call conditions, or if their participation is considered essential for implementing the action by the granting authority.

Specific cases:

  • Affiliated entities - Affiliated entities are eligible for funding if they are established in one of the countries listed above.
  • EU bodies - Legal entities created under EU law may also be eligible to receive funding, unless their basic act states otherwise.
  • International organisations - International European research organisations are eligible to receive funding. Unless their participation is considered essential for implementing the action by the granting authority, other international organisations are not eligible to receive funding. International organisations with headquarters in a Member State or Associated Country are eligible to receive funding for ‘Training and mobility’actions and when provided for in the specific call conditions.
Project Partner Yes
Project Partner Details

Unless otherwise provided for in the specific call conditions , legal entities forming a consortium are eligible to participate in actions provided that the consortium includes:

  • at least one independent legal entity established in a Member State;and
  • at least two other independent legal entities, each established in different Member States or Associated Countries.
Call opens 30.06.2021
Call closes 21.10.2021
Further info

Proposal page limits and layout:

The application form will have two parts:

  • Part A to be filled in directly online  (administrative information, summarised budget, call-specific questions, etc.)
  • Part B to be downloaded from the Portal submission system, completed and re-uploaded as a PDF in the system

Page limit - Part B: 45 pages

Type of Funding Grants
Financial details
Expected EU contribution per projectThe Commission estimates that an EU contribution of between EUR 3.00 and 5.00 million would allow these outcomes to be addressed appropriately. Nonetheless, this does not preclude submission and selection of a proposal requesting different amounts.
Indicative budgetThe total indicative budget for the topic is EUR 21.50 million.
Typ of ActionResearch and Innovation Actions (RIA)
Funding rate100%

Some activities, resulting from this topic, may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes.

Activities are expected to achieve TRL 4 by the end of the project.
Submission Proposals must be submitted electronically via the Funding & Tenders Portal Electronic Submission System. Paper submissions are NOTpossible.

Register now and benefit from additional services - it is free of cost!

News

Published on 02.09.2021

Stable high-performance Perovskite Photovoltaics

Horizon Europe - Cluster 5 - Destination 3: Sustainable, secure and competitive energy supply

Link to Call

Published on 02.09.2021

Cost-effective micro-CHP and hybrid heating systems

Horizon Europe - Cluster 5 - Destination 3: Sustainable, secure and competitive energy supply

Link to Call
Loading Animation