Skip to main content
Logo
English
European Cybersecurity Competence Centre and Network
  • Call for proposals
  • Upcoming

Deploying Strategic Cyber Capabilities Across Europe - DIGITAL-ECCC-2025-DEPLOY-CYBER-09

The call for proposals DIGITAL-ECCC-2025-DEPLOY-CYBER-09 is launched in accordance with the Digital Europe Cybersecurity Work Programme and is managed by the European Cybersecurity Competence Centre (ECCC).

Details

Status
Upcoming
Publication date
24 October 2025
Opening date
Deadline model
Single-stage
Deadline date
31 March 2026, 17:00 (CEST)
Funding programme
Department
European Cybersecurity Industrial, Technology and Research Competence Centre

Description

Cybersecure tools, technologies and services relying on AI – EUR 15 million 

This action supports the development and deployment of AI-powered cybersecurity solutions to enhance threat detection, incident response, and threat intelligence, while ensuring that AI systems themselves are secure, trustworthy, and compliant with EU legislation such as the AI Act and GDPR.

Expected Outcome:

  • Deployment of Artificial Intelligence and various AI-powered technologies as enablers for Cyber Hubs, CSIRTs, NCSCs, NIS SPOCs and others.
  • Novel cybersecurity tools based on AI that have been developed, tested and validated in relevant conditions and made available to Cyber Hubs, CSIRTs, NCSCs, NIS SPOCs and others.
  • Enhanced information sharing and collaboration amongst National and Cross-Border Cyber Hubs, CSIRTs, NCSCs, NIS SPOCs and others relevant stakeholders, supported by CTI produced by AI-powered tools.
  • Tools for automation of cybersecurity processes such as the creation, analysis and processing of CTI, to enhance operations of the Cyber Hubs.
  • Original European CTI feeds or services.
  • Ensure that the most advanced and innovative secure AI solutions are developed and implemented for NIS sectors.
  • Secure AI solutions and tools, complying with EU legislation. Promote the mitigation of risks associated with the misuse of AI by malicious actors, with a focus on AI ethics and secure deployment.
  • Contribution to the standardisation and certification of cybersecure, trustworthy AI technologies.

Further details on the Funding and Tenders portal.

Uptake of innovative cybersecurity solutions for SMEs - EUR 15 million

Despite a wealth of innovation, the uptake of advanced cybersecurity tools among SMEs remains limited. This action fosters the deployment of proven solutions by facilitating access, providing financial incentives, and supporting integration into business operations.

Expected Outcome:

The development of a cyber toolkit as a service to support SMEs managing cyber risks, defining, and implementing their cybersecurity strategy. The toolkit could include at least one of the following:

  • Interfaces that will connect to existing SaaS applications such as HR, invoice and financial management, CRM and accounting systems, etc., which are often used by SMEs for increasing their cybersecurity.
  • A functionality that enables the mapping and maintenance of an SME’s digital assets and possible vulnerabilities by interfacing with other SaaS applications that manage an asset inventory and data repositories.
  • A function that supports the assessment and management of an SME’s cybersecurity risks and of supply chain risk management. This function should perform a risk assessment, provide recommendations for risk mitigation, and identify options.
  • An interface to existing tools that support the analysis and assessment of the extent of an SME’s cyber risk based on information gathered from digital infrastructure scanning and data provided by authorised users.
  • A function that issues alerts on vulnerabilities and threats based on the information collected by the risk management function.
  • A function that connects SMEs to a CSIRT or a Cyber Hub to report an incident and assist with recovery if possible.
  • A mapping and one-stop window/portal to existing tools and solutions targeting cybersecurity support to SMEs.
  • Tools supporting detection, prevention and response in Operational Technology infrastructures using open standards or technologies.

Support and incident response capabilities to SMEs:

  • Non-commercial cybersecurity hotline with a standardised framework and guidelines for response times, escalation procedures, and the scope of assistance provided.
  • A fully operational, multilingual helpline that provides timely and accurate cybersecurity assistance to SMEs, leading to reduced successful cyber scams and improved digital hygiene.
  • A National Cyber Response Platform for first cyber responders to exchange their experiences, share relevant news and engage discussions regarding challenges and emerging cyber threats complementary to existing cyber crisis management structures.
  • Specialised training modules for first (public and private) responders’ services targeting different sectors such as healthcare, finance, energy, and transportation.

Support tools and platforms:

  • Control Centre and Panel on Incident Reporting and dispatching of incident responders.
  • SME user interface for Incident reporting associated with the cyber toolkit. Users can report an incident, get instructions on how to react and obtain information on how to receive support for the response. An AI assistant connected to a Control Centre could also be included.
  • Interfaces with the National Authorities and Cross-Border Platforms (CBPs) for incident notification and information sharing.

Further details on the Funding and Tenders portal.

Coordinated preparedness testing and other preparedness actions - EUR 10 million

The EU’s cybersecurity readiness must be rigorously tested. This call supports stress testing, simulations, and other preparedness actions, including cross-border and cross-sector to strengthen the ability of critical infrastructure operators to prevent and respond to cyber incidents.

Expected Outcome:

The types of deliverables are presented in two parts.

The first part covers:

  • Enhanced cooperation, preparedness and cybersecurity resilience in the EU; preparedness support services
  • Threat assessment and risk assessment services.

The second part covers:

  • Risk monitoring services
  • Better compliance, coordinated vulnerability disclosure and monitoring
  • Improved skills, via exercises and training courses, organisation of events, workshops, stakeholder consultations and white papers.

Further details on the Funding and Tenders portal.

Regional Cable Hubs - EUR 10 million

Submarine cable systems are vital to Europe’s digital and economic security. This action will reinforce the cybersecurity of cable hubs - physical and digital entry points - ensuring they are robust against espionage, sabotage, and system failures.

Expected Outcome:

The Regional cable hubs will contribute to enhancing and consolidating collective situational awareness and capabilities in detection, supporting the development of an operational capacities to ensure the security and resilience of undersea cables.

The hubs should act as a central point allowing for broader pooling of data and information relevant for the security environment of the cables, enabling the dissemination of threat information and incident detection on a regional scale and among a diverse set of national actors as designated by each Member States (e.g. National Hubs, CSIRTs.)

The Hubs should allow a rapid exchange of information, even if classified among participating authorities in a given hub. To that end, the participating authorities shall set procedural arrangements on cooperation and information sharing.

Furthermore, regional cable hubs could also benefit from additional solutions for the surveillance and protection of submarine cables, and the detection of malicious activities. For instance, situational awareness performed through the collection and analysis of in-situ, sea-based sensor data as well as relevant satellite imagery or undersea drones capacities.

The Hubs could make use of existing systems which were not developed necessarily for Cable Security, such as the Integrated Maritime Systems, the Common Information Sharing Environment (CISE), the EU Copernicus Space Programme, and the Maritime Surveillance System (MARSUR).

The Hubs should also integrate direct cooperation with private entities, especially cable operators to increase access – in a highly secured framework - to information on ongoing and future threats and voluntary incident reporting.

The Hubs should progressively also integrate the defence dimension, as any defence capacities is likely to increase the situational awareness as well as the capacity to respond fast in case of incident against these strategic critical infrastructures. To that end, Member States can integrate in the operations of the Hubs their defence capacities (e.g. navy or surveillance system) and operational command while building on international partnerships.

Further details on the Funding and Tenders portal.