Open Call: Coordinated Preparedness Testing and Other Preparedness Actions

Focus Areas/Objectives/Priorities/Themes: These actions aim to complement and not duplicate efforts by Member States and those at Union level to increase the level of protection and resilience to cyber threats, in particular for critical industrial installations and infrastructures, by assisting Member States in their efforts to improve their preparedness for cyber threats and incidents by providing them with knowledge and expertise. Proposals should contribute to achieving coordinated preparedness testing of entities operating in sectors of high criticality across the Union (including penetration testing and threat assessment) considering ICT as well as Operational Technology/Industrial Control Systems.

The initiative, managed under the Digital Europe Programme, provides essential support for preparedness activities that strengthen Europe’s collective response to cyber incidents. It aligns closely with the Cyber Solidarity Act and the NIS 2 Directive, addressing the urgent need to boost cybersecurity resilience in highly critical sectors such as hospitals, fixed networks, and submarine cable infrastructures.

Its scope includes the development of penetration testing scenarios, vulnerability scanning, and security audits across both ICT and operational technology systems. Applicants are expected to establish digital tools and infrastructures, including standardized cyber ranges that mimic real-world conditions in critical sectors, enabling practical and effective cyber exercises. These actions assess and improve the cybersecurity capabilities of national and sectoral entities, including their ability to detect, prevent, and respond to incidents.

Participants are encouraged to integrate multi-layered risk scenario analyses that assess resilience under varying levels of pressure. For 2025, the targeted sectors are the health sector, with a focus on hospitals, and the digital infrastructure sector, encompassing fixed networks and submarine cable systems. Each proposal must include at least one baseline risk scenario as outlined in the annex, adaptable to national contexts or higher-intensity scenarios.

The preparedness testing follows three key phases: systemic risk analysis to identify stakeholders and refine scenarios; testing activities involving penetration tests, vulnerability scans, and stress tests; and a gap analysis phase that translates findings into actionable recommendations and remediation plans. Outcomes are shared with national authorities and, in anonymized form, with the European Commission to support policy development and continuous improvement of cybersecurity readiness across the Union.

Expected results include strengthened cooperation, enhanced preparedness, and improved cybersecurity resilience throughout the EU. The call will deliver support services such as threat assessments, risk analyses, vulnerability scanning, sectoral stress tests, and security audits. Key performance indicators cover the number of tests performed, entities assisted, risk scenarios analyzed, and vulnerabilities identified.

The initiative primarily targets public bodies acting as cybersecurity competent authorities or CSIRTs, along with public entities covered by cybersecurity legislation such as the NIS 2 Directive, Cyber Resilience Act, and Digital Operational Resilience Act. Funding will be provided through Simple Grants at a 50% rate, with a total budget of EUR 10 million dedicated to this topic.

For more information, visit EC.