Contact Search
Select office
Contact Search
Office:
HomeEU Calls for ProposalsCall details
Call details:

Strengthening EU cybersecurity capacities & capabilities in line with legislative requirements

Objective of the call

The objective of this action is to strengthen the European cybersecurity ecosystem and support the effective and homogeneous implementation of EU cybersecurity legislation, including:

  • Cyber Resilience Act (CRA)
  • NIS 2 Directive
  • GDPR
  • DORA
  • Cybersecurity Act
  • Specific requirements under the AI Act

The action also aligns with the Digital Education Action Plan and the Cybersecurity Skills Academy, aiming to reduce the cybersecurity skills gap, promote diversity and strengthen Europe’s digital resilience.

It supports both regulatory compliance and operational maturity across public and private sectors, ensuring higher cybersecurity levels across Member States.

Scope of activities

Projects must support the implementation of one or more pieces of EU cybersecurity legislation and contribute to increasing cybersecurity maturity across sectors.

Activities may include:

1. Regulatory compliance support

  • Development of practical guidelines, manuals and standardised processes to support compliance with CRA, NIS 2, Cybersecurity Act, DORA, GDPR and AI Act requirements
  • Development of user-friendly compliance tools for SMEs, including self-assessment tools
  • Tools enabling conformity assessment of products with digital elements under the CRA
  • Support for Software Bill of Materials (SBOM) implementation
  • Development of NIS 2 incident reporting platforms
  • Development of CRA vulnerability single reporting platforms
  • Establishment of single entry points for incident notification

2. Certification and conformity assessment capacity building

  • Capacity building for national cybersecurity certification authorities
  • Support to conformity assessment bodies and certification laboratories
  • Development of a “Certification and Evaluation as a Service” platform
  • Harmonisation and digitalisation of certification documentation
  • Development of common methodologies for cross-border recognition
  • Support for market surveillance authorities

The action should streamline documentation processes, facilitate mutual recognition and accelerate secure assessment replication across Member States.

3. Skills development and workforce capacity

  • Development of cybersecurity training programmes aligned with the European Cybersecurity Skills Framework (ECSF)
  • Hands-on training, exercises and cybersecurity challenges
  • Cross-border exchange, fellowship and peer-learning programmes
  • Non-formal education initiatives targeting students and teachers
  • Diversity and equal opportunity programmes
  • Support for pan-European teams participating in international cybersecurity competitions

Training programmes should enhance regulatory understanding, audit readiness and operational capabilities.

4. Information sharing and cooperation

  • Creation of secure communication channels
  • Federated national platforms for cyber threat intelligence (CTI)
  • Vertical (sector-specific) information-sharing platforms
  • EU-level cross-border collaboration mechanisms
  • Support for structured cooperation between authorities and stakeholders
  • Development of common methodologies to improve cybersecurity maturity

5. Privacy-enhancing and security-by-design technologies

Projects should promote privacy and security by design in ICT products, IoT, Operational Technology, identity systems and e-government systems.

Activities may include:

  • Support for commercialisation of privacy-enhancing technologies (PETs)
  • Pilot projects testing CRA compliance
  • Development of open-source conformity assessment tools
  • Development of assessment methodologies for CRA compliance
  • Cooperation frameworks between researchers, providers, integrators and regulators
  • Support for early integration of privacy-enhancing technologies during design and development

Consortia should include representatives from across the value chain:

  • Privacy-enhancing technology researchers
  • Technology providers
  • ICT product developers
  • User organisations
  • Regulatory and supervisory authorities

Eligible applicants

  • Innovative SMEs, startups and enterprises aiming to scale and strengthen competitiveness 
  • Public-sector organisations driving transformation and societal impact 
  • Research and academic institutions commercialising knowledge 
  • Non-profit organisations delivering purpose-driven innovation 
  • Organisations based in EU Member States, EFTA/EEA, or Associated Countries (more info on eligible countries will be published soon)
  • Minimum 3 independent partners from 3 eligible countries

Funding conditions

Type of action: 
Simple grant 

Funding rate: 
50%

Indicative budget 
€32 million 

Deadline for submission

Q1 2027

Tags:
digital europeeu fundingeu projectsDigital Europe programmecybersecurityInteroperabilityDEPCall for proposalsEU cybersecurityCyber resilienceCritical infrastructure protectionCyber defenceData securityZero Trust ArchitectureQuantum-safe cryptographyAI for cybersecurityThreat detectionCyber threatsHybrid threatsCybercrime preventionCloud securityEncryption technologiesDigital sovereigntySecure by designSMEsResearch and innovationConsortium buildingPublic-private partnershipsEuropean Commission
Forthcoming
Company size: SMEs, Startups, Enterprises, Research, Academia
Issuer: European Health and Digital Executive Agency
Area: Cybersecurity
Call type: Simple grant
Co-funding: 50%
Date published: Q4 2026
Deadline for submission: Q1 2027

Increase your chances - contact us.

Contact us