RFPs: New Advanced Tools and Processes for Operational Cybersecurity

Scope

• Proposals are expected to demonstrate the developed frameworks, tools, services, and processes through pilot implementations involving the participation of relevant national cybersecurity authorities and/or essential and important entities as defined in NIS2, implemented with the participation of leading European cybersecurity industry. Proposals should consider the impact of forthcoming legislation, in particular the Cyber Resilience Act.
• Real world applications and the usability of the solutions developed should feature predominately in the proposals.
• The participation of the following types of entities is highly encouraged:
  • innovative European cybersecurity start-ups and SMEs with a proven track-record in cybersecurity innovation at EU level (e.g. active participation in successful EU funded projects including cybersecurity projects under Horizon Europe, Digital Europe Programme cybersecurity projects or EIC Pathfinder or Accelerator projects), European start-ups and SMEs that can demonstrate established operational cooperation with relevant National Cybersecurity Authorities, European start-ups and SMEs that have received equity investments by national, European or private Venture Capital funds for cybersecurity activities etc. The participation of these start-ups and SMEs with an active role in the implementation of the proposed action (project coordination, technical coordination, lead of pilot implementation etc) would be considered an asset.

Funding Information

• Budget (EUR) – Year 2025: 23 550 000
• Contributions: 4500000 to 6000000

Expected Outcomes

• The use of and dependence on information and communication technologies have become fundamental aspects in all sectors of the economy. Public administrations, companies and citizens are more interconnected and interdependent across sectors and borders than ever before. This higher uptake of digital technologies increases exposure to cyber security incidents, vulnerabilities and their potential impacts. At the same time, Member States are facing growing cybersecurity risks and an overall complex threat landscape, with a clear risk of rapid spill-over of cyber incidents from one Member State to others.
• Moreover, cyber operations are increasingly integrated in hybrid and warfare strategies, with significant effects on the target. In particular, the current geopolitical context is being accompanied by a strategy of hostile cyber operations, which is a game changer for the perception and assessment of the EU’s collective cybersecurity crisis management preparedness and a call for urgent action. The threat of a possible large-scale incident causing significant disruption and damage to critical infrastructure and data spaces demands heightened preparedness at all levels of the EU’s cybersecurity ecosystem. In recent years, the number of cyberattacks has increased dramatically, including supply chain attacks aiming at cyberespionage, ransomware, or disruption. The vulnerability landscape is also threatening. The ENISA Threat Landscape Report 2024 counts a total of 19,754 vulnerabilities. This amount of vulnerabilities can’t be manually managed by humans. There is a need for automated management of vulnerabilities based on established standards like the Common Security Advisory Framework (CSAF).
• As regards detection of cyber threats and incidents, there is an urgent need to increase the exchange of information and improve their collective capabilities in order to reduce drastically the time needed to detect cyber threats and mitigate, before they can cause large-scale damage and costs. While many cybersecurity threats and incidents have a potential cross-border dimension, due to the interconnection of digital infrastructures, the sharing of relevant information among Member States remains limited. Proposals are expected to address this emerging threat landscape with the development of advanced frameworks, services tools, and processes, in line with relevant EU legislation (NIS2, Cyber Resilience Act, Cyber Solidarity Act).
• Lastly, focus should be given to developing innovative frameworks, technologies, tools, processes, and services that reinforce cybersecurity capabilities for operational and technical cybersecurity cooperation, in line with relevant EU policy, with particular focus on NIS2, Cyber Solidarity Act and the EU Cybersecurity Strategy, as well as legal and ethical requirements.
• Proposals should address at least two of the following expected outcomes:
  • Enhanced Situational Awareness through advanced Cyber Threat Intelligence frameworks, tools, and services as well as cybersecurity risk assessments of critical supply chains made in the EU,
  • Frameworks, tools, and services for preparedness against Cyber and Hybrid Threats in information and communication technology (ICT) and operational technology (OT), including cybersecurity exercises,
  • Expanded Security Operations Centre/Computer Security Incident Response Teams (SOC/CSIRT) functionality through advanced tools and services for detection, analysis, incident handling including response and reporting as well as remediation,
  • Development of testing and experimentation facilities for advanced tools and processes for operational cybersecurity, including the creation of digital twins for critical infrastructures and essential and important entities as defined in NIS2,
  • Development and pilot implementation of cross-sector and/or cross-border cyber crisis management frameworks, services, and tools,
  • Frameworks, services, and tools aimed at mechanisms and processes for enhanced operational cooperation between public sector entities (CSIRT network, EU-CyCLONe). Extension of the above to essential and important entities as defined in NIS2, would be an advantage.

Eligibility Criteria

• Entities eligible to participate:
  • Any legal entity, regardless of its place of establishment, including legal entities from nonassociated third countries or international organisations (including international European research organisations) is eligible to participate (whether it is eligible for funding or not), provided that the conditions laid down in the Horizon Europe Regulation have been met, along with any other conditions laid down in the specific call/topic.
  • A ‘legal entity’ means any natural or legal person created and recognised as such under national law, EU law or international law, which has legal personality and which may, acting in its own name, exercise rights and be subject to obligations, or an entity without legal personality.
• To become a beneficiary, legal entities must be eligible for funding.
• To be eligible for funding, applicants must be established in one of the following countries:
  • the Member States of the European Union, including their outermost regions:
    • Austria, Belgium, Bulgaria, Croatia, Cyprus, Czechia, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden.
  • the Overseas Countries and Territories (OCTs) linked to the Member States:
    • Aruba (NL), Bonaire (NL), Curação (NL), French Polynesia (FR), French Southern and Antarctic Territories (FR), Greenland (DK), New Caledonia (FR), Saba (NL), Saint Barthélemy (FR), Sint Eustatius (NL), Sint Maarten (NL), St. Pierre and Miquelon (FR), Wallis and Futuna Islands (FR).
  • countries associated to Horizon Europe;
    • Albania, Armenia, Bosnia and Herzegovina, Canada, Faroe Islands, Georgia, Iceland, Israel, Kosovo, Moldova, Montenegro, New Zealand, North Macedonia, Norway, Serbia, Tunisia, Türkiye, Ukraine, United Kingdom.

For more information, visit EC.