As EU cybersecurity legislation continues to evolve, organisations across Europe are facing increasing challenges in translating regulatory requirements into operational practice. Frameworks such as the NIS2 Directive and the Cyber Resilience Act (CRA) are essential to strengthening digital resilience, yet their implementation remains uneven due to regulatory fragmentation, limited institutional capacity, and the high cost of compliance - particularly for SMEs and public-sector organisations.
The DETANGLE project, which started in January 2026, addresses these challenges by developing an integrated approach to cybersecurity compliance, incident management, and cross-border collaboration. Supported by the Digital Europe Programme and the European Cybersecurity Competence Centre, the project brings together 14 organisations from 8 EU countries, combining regulatory, technical, and operational expertise.
DETANGLE focuses on reducing complexity and lowering entry barriers for compliance by consolidating multiple functions into a single framework. Its mission is to untangle the web of EU cybersecurity regulations - like the NIS2 Directive and the Cyber Resilience Act (CRA) - and help organizations work together securely across Europe. It will deliver a unified platform that brings together five powerful elements:
- Integrated Incident Management Platform – powered by AI to detect, respond, and learn from cyber incidents faster.
- NIS2 Compliance Tracker – helping organizations assess and monitor their cybersecurity readiness automatically.
- Cybersecurity Collaboration Hub – connecting Member States and industries to share intelligence and build joint resilience.
- Certification Support Framework – guiding companies through EU cybersecurity certification in a simple and structured way.
- CRA Supervision & Enforcement Toolkit – empowering authorities to monitor and enforce product cybersecurity effectively.
Rather than introducing standalone tools, the project builds on existing mature solutions and enhances them to ensure usability, interoperability, and cost-effectiveness.
A core component of DETANGLE is its emphasis on communication, adoption, and long-term sustainability. Within this context, Tiko Pro contributes by leading activities related to communication, dissemination, exploitation, and sustainability planning. This role ensures that project results are not only technically sound, but also clearly articulated, accessible to diverse stakeholder groups, and positioned for uptake beyond the project’s lifetime.
Tiko Pro’s contribution focuses on structuring project communication, translating complex regulatory and technical content into stakeholder-oriented narratives, supporting awareness-raising and capacity-building activities, and coordinating exploitation-related actions. These efforts help align technical development with real-world needs, ensuring that DETANGLE outputs can be effectively used by policymakers, cybersecurity authorities, operators, and industry actors. In parallel,
DETANGLE integrates training, documentation, and engagement activities to support practical understanding and implementation of cybersecurity requirements. This approach strengthens the project’s impact by enabling organisations to move beyond formal compliance towards sustainable cybersecurity practices. Through its integrated services, stakeholder-driven methodology, and structured communication and exploitation activities, DETANGLE aims to contribute to a more coherent and resilient European cybersecurity ecosystem - where compliance, collaboration, and operational security are closely aligned.
|
Project name: DElivering holistic, cusTomised And easy-to implement solutioNs towards efficient implementation of EU leGislation and compliance
Project acronym: DETANGLE
Project number: 101249446
Call: DIGITAL-ECCC-2024-DEPLOY-CYBER-07
Topic: DIGITAL-ECCC-2024-DEPLOY-CYBER-07-CYBERSEC-02
Project starting date: 1 January 2026
Project end date: 31 December 2028
Project duration: 36 months
Project coordinator: ITML CY, gebravos@itml.gr
Consortium partners: Iotam Internet of Things Applications and Multi Layer Development Ltd (ITML CY), Motor Oil Hellas (MOH), Tinexta Infocert Spa (ICERT), IKEM (IKEM), Fundacion de la Comunidad Valenciana Para la Investigacion, Promocion y Estudios Comerciales de Valenciaport (FV), IRCCS San Raffaele Roma Srl (SRA), NetCompany S.A. (NCI), IMPROVISE SOFTWARE APS (IMPRO), Ubitech Limited (UBI), Melitek Eood (MLT), Tiko Pro d.o.o. (TP), Quality And Reliability Cyprus Ltd (QNR), Rina Consulting Spa (RINA), Athina-Erevnitiko Kentro Kainotomias Stis Technologies Tis Pliroforias, Ton Epikoinonion Kai Tis Gnosis (ATH)
Project value: 6.821.155,84 EUR
Social media: LinkedIn | X
Website: www.detangleproject.eu
Project summary:
The NIS2 Directive, adopted in December 2022, aims to ensure a high common level of cybersecurity across the EU. However, its implementation—together with related frameworks such as the Cyber Resilience Act (CRA) and the Cybersecurity Act (CSA)—remains challenging. Key obstacles include fragmentation across Member States, limited expertise and resources within national cybersecurity authorities, and the financial and operational burden on SMEs striving to meet compliance requirements.
DETANGLE addresses these challenges by delivering a cost-effective, integrated solution that supports multiple stakeholder groups. The project brings together an Integrated Incident Management Platform, a NIS2 Compliance Tracker, a Cybersecurity Collaboration Hub, a Cybersecurity Certification Support Framework, and a CRA Supervision and Enforcement Toolkit. Building on existing mature solutions and supported by targeted training, documentation, and awareness-raising activities, DETANGLE aims to facilitate practical implementation, adoption, and long-term exploitation of EU cybersecurity legislation, contributing to a more resilient European cybersecurity ecosystem.
The project funded under Grant Agreement No. 101249446 is supported by the European Cybersecurity Competence Centre.
|
Disclaimer: Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Cybersecurity Competence Centre. Neither the European Union nor the European Cybersecurity Competence Centre can be held responsible for them.