Programme Category
Programme Name
Programme Description
Digital Europe Programme is the first EU programme that aims to accelerate the recovery and drive the digital transformation of Europe.
Worth €7.6 billion (in current prices), the Programme is a part of the next long-term EU budget, (the Multiannual Financial Framework), and it covers 2021 to 2027. It will provide funding for projects in five crucial areas: supercomputing, artificial intelligence, cybersecurity, advanced digital skills, and ensuring the wide use of digital technologies across the economy and society.
The Programme is fine-tuned to fill the gap between the research of digital technologies and their deployment, and to bring the results of research to the market – for the benefit of Europe’s citizens and businesses, and in particular SMEs. Investments under the Digital Europe programme supports the Union’s twin objectives of a green transition and digital transformation and strengthens the Union’s resilience and strategic autonomy.
Identifier Code
Call
Summary
The aim is to build capacity for new or existing National Cyber Hubs, e.g. equipment, tools, data feeds, as well as costs related to data analysis, interconnection with Cross-Border Cyber Hubs, etc. This can include for example automation, analysis and correlation tools and data feeds covering Cyber Threat Intelligence (CTI) at various levels, ranging from field data to Security Information and Event Management (SIEM) data to higher level CTI.
Automation is a key aspect in the efficient handling and processing of information. Where available, already established standards should be used, such as the Common Security Advisory Framework (CSAF) , for security advisories or for collecting and processing cybersecurity-related messages (e.g. IntelMQ project2). Applications developed by Cyber Hubs/SOCs should be compatible with European standardisation projects like the EU vulnerability database (EUVD).
National Cyber Hubs should also leverage state-of-the-art technology such as artificial intelligence and dynamic learning of the threat landscape and context. This also includes the use of shared cybersecurity information, to the extent possible based on existing taxonomies and/or ontologies, and hardware to ensure the secure exchange and storage of information.
The operations should be built upon live network data and other training data required in the initial phases. Where relevant, consideration should be given to SMEs as the ultimate recipients of cybersecurity operational information.
Detailed Call Description
A key element is the translation of advanced AI, data analytics and other relevant cybersecurity tools from research results to operational tools, and further testing and validating them in real conditions in combination with access to supercomputing facilities (e.g. to boost the correlation and detection features of cross-border platforms). Such activities are identified and proposed for financing in section 2.3, dedicated to AI for Cybersecurity, and topic 2.3.1.
Furthermore, National Cyber Hubs could also consider deploying solutions for the surveillance and protection of critical undersea infrastructure, such as submarine cables, and the detection of malicious activities around them, to improve the resilience and security of this infrastructure, which is critical for global communications. The response to such hybrid threats could also include situational awareness performed through the collection and analysis of in situ, sea based sensor data as well as relevant satellite imagery. For such activities, operational synergies with the EU Copernicus Space Programme and in particular with its Security Service are required.
Another key role for National Cyber Hubs is to facilitate knowledge transfer and sharing, as well as support training initiatives for all needed cybersecurity roles the basis, for instance, of the European Cybersecurity Skills Framework (ECSF). For example, Cyber Hubs/SOCs dealing with critical infrastructures play a key role and should benefit from the knowledge and experience acquired by or concentrated in National Cyber Hubs.
National Cyber Hubs must share information with other stakeholders in a mutually beneficial exchange of information and commit to apply to participate in a Cross-Border Cyber Hub within the next 2 years, with a view to exchanging information with other National Cyber Hubs.
To achieve this aim, a call for expression of interest will be launched to select entities in Member States that provide the necessary facilities to host and operate National Cyber Hubs. Applicants to the call for expressions of interest should describe the aims and objectives of the National Cyber Hub, describe its role and how such role relates to other cybersecurity actors, such as CSIRTs, and its potential cooperation with other public or private cybersecurity stakeholders. Applicants should also provide the detailed planning of the activities and tasks of the National Cyber Hub, the services it will offer, the way it will operate and be operationalised, and describe the duration of the activity as well as the main milestones and deliverables. They should also specify what equipment, tools and services need to be procured and integrated to build up the National Cyber Hub, its services and its infrastructure.
To support the above activities of a National Cyber Hub, the following two workstreams of activities are foreseen:
- [Procurement] A Joint Procurement Action with the Member State where the National Cyber Hub is located: this will cover the procurement of the main infrastructure, tools and services needed to build up the National Cyber Hub.
- [Building up and running the National Cyber Hub] A grant will also be available to cover, among others, the preparatory activities for setting up the National Cyber Hub, its interaction and cooperation with other stakeholders, as well as the running/operating costs involved, enabling the effective operation of the National Cyber Hub, e.g. using the infrastructure, tools and services purchased through the joint procurement. These will also indicate milestones and deliverables to monitor progress
Applications shall be made to both workstreams. The applications will be subject to an evaluation procedure. Grants will only be awarded to applicants that have succeeded in the evaluation of the joint procurement action.
These actions aim at creating or strengthening National Cyber Hubs, which occupy a central role in ensuring the cybersecurity of national authorities, providers of critical infrastructures and essential services. Cyber Hubs, in cooperation with other relevant national/regional entities, are tasked with monitoring, understanding and proactively managing cybersecurity threats. Cyber Hubs will have a crucial operative role in ensuring cybersecurity in the Union and will handle sensitive information.
Call Total Budget
Financing percentage by EU or other bodies / Level of Subsidy or Loan
50%
Thematic Categories
- Information and Communication Technologies
- Public Administration
- Research, Technological Development and Innovation
Eligibility for Participation
- Businesses
- Educational Institutions
- Large Enterprises
- Legal Entities
- Other Beneficiaries
- Researchers/Research Centers/Institutions
- Services Providers
- Small and Medium Enterprises (SMEs)
- State-owned Enterprises
Eligibility For Participation Notes
In order to be eligible, the applicants (beneficiaries and affiliated entities) must:
- be legal entities (public or private bodies)
- be established in one of the eligible countries, i.e.:
- EU Member States (including overseas countries and territories (OCTs))
- EEA countries (Norway, Iceland, Liechtenstein)
Beneficiaries and affiliated entities must register in the Participant Register — before submitting the proposal — and will have to be validated by the Central Validation Service (REA Validation). For the validation, they will be requested to upload documents showing legal status and origin.
Other entities may participate in other consortium roles, such as associated partners, subcontractors, third parties giving in-kind contributions, etc (see section 13).
Please be aware that all topics of this call are subject to restrictions due to security, therefore entities must not be directly or indirectly controlled from a country that is not an eligible country. All entities14 will have to fill in and submit a declaration on ownership and control.