Strengthening the cybersecurity ecosystem - DIGITAL-ECCC-2024-DEPLOY-CYBER-08

Transition to post-quantum Public Key Infrastructures (EUR 15 million)

Expected Outcome:

• New combiners ensuring that cryptographic schemes provide at least 128-bit security against quantum adversaries.
• Experimental evaluation on hybrid certificates in several standard protocols that use those certificates, also considering options for different cryptographic algorithms at the root Certification Authority level and at the other levels, in terms of security, performance, and backward compatibility. The impact of such certificates in protocols should be tested via open-source libraries.
• New and/or improved open-source libraries for certificate requests, issuance, validation, revocation and (privacy-friendly) certificate transparency.
• Clear procedures taking into account all aspects of key management: requirements for signature generation, in terms of the software and hardware used to create signatures as well as the secure storage and handling of private keys to maintain their authenticity and confidentiality, signature validation, with specification of the data required for verifying signatures and outlining the conditions necessary for a successful signature verification process, signature life-cycle process, and validity status of signatures.
• Test and evaluation of uses of X.509 certificates other than their core uses.
• Tests and evaluation of alternatives to X.509 certificates.
• Awareness activities and training courses.

Further details on the Funding and Tenders portal.

Enhancing the NCC Network (EUR 10 million)

Expected Outcome:

Depending on the decision of each NCC, one or more of the following should be covered:

• Network of national initiatives to accelerate the cybersecurity industry and facilitate Access-to-Market.
• European frameworks for establishing cybersecurity incubators and accelerators.
• Cybersecurity Community Observatory to inform subsequent policy interventions by the ECCC and NCCs.
• Matchmaking events to create connections and build trust; platforms and events for Access-to-Finance and Access-to-Market including in the area of dual-use technologies
• Strengthened Cybersecurity Community to support the European Cybersecurity Industrial, Technology and Research Competence Centre; Maintained technical registration possibilities for candidates for the Cybersecurity Competence Community; Technical assistance for potential applicants for ECCC calls.
• Uptake of cybersecurity solutions.
• Strengthened cybersecurity capacities of stakeholders.
• Synergetic activities that strengthen the role of NCC.
• Centralise the many initiatives focusing on raising awareness and work together with other NCCs to support a cross European approach covering education, studies, training courses and awareness campaigns¹ ; Share and provide best practices related to the awareness topic.
• Support the transfer of best practices related to cybersecurity teaching for primary and secondary school and other activities for children and youngsters (including camps, materials, games, etc.).
• Support for teachers and professors to have access to best practices available in the EU and facilitate dialogue.
• Support the development of cross-over educational solutions for SMEs, for example by gamification.
• Cyber campaign material focused on young professionals and students of all ages and gender to pursue and advance in cybersecurity careers, where the NCCs can build on in view of regional differences.
• Cyber campaign material focused on parents and teachers of future students of all ages and gender to raise the number of cybersecurity students.
• Platform supporting a network of young cybersecurity ambassadors spreading awareness and fostering a culture of cybersecurity among Europe's youth.
• Common services to be provided within national cyber campuses.
• Hybrid events for the cybersecurity competence community to increase awareness of cybersecurity threats, threat actor modus operandi and potential impact, potentially in collaboration with existing initiatives and platforms.
• Deliverables supporting the implementation of the Cyber skills Academy.
• Support for activities dedicated to the EU Cybersecurity Challenges.

Further details on the Funding and Tenders portal.

Dedicated action to reinforcing hospitals and healthcare providers (EUR 30 million)

Expected Outcome:

• Mapping of common cybersecurity needs of hospitals and healthcare providers.
• Guidelines for healthcare providers to assess their current state of cybersecurity protection and relevant needs.
• Technical cybersecurity plans to enhance preparedness and cyber resilience: improved detection and response capabilities for healthcare institutions minimising the impact of cyberattacks, particularly for ransomware. This also includes dedicated training courses to staff.
• Pilot cybersecurity demo installations at partner hospitals and healthcare provider sites to ensure hospitals and healthcare providers can maintain operational continuity in the face of cybersecurity incidents. This should be monitored through specific KPIs.
• Wide dissemination campaigns to help scale up preparedness of hospitals and healthcare providers in Europe.

Further details on the Funding and Tenders portal.