EU CyberNet

A large community of over 500 experts can be deployed for targeted ad-hoc activities to support partner countries, when no other EU-funded actions can be used.

Thematic areas covered (not limited to)

• cybersecurity education and training
• cyber security economics
• technology governance
• digital identity and trust services
• cybersecurity management
• cyber and information risk management
• data protection
• computer security incident response
• cyber awareness
• internet of things
• security testing, IT security assessment
• cyber threat intelligence
• cyber crisis management
• digital forensics
• cloud security and compliance
• cybersecurity exercises
• international law applicable to cyber space
• AI
• exploit and malware analysis
• critical information infrastructure protection (CIIP)
• applied cryptography
• incident management
• information operations
• internet governance
• monitoring and threat detection
• secure system architecture and software development
• cyber policy
• information security standards
• automated bot malware mitigation
• general IT systems security
• cyber-physical systems and industrial control systems

Potential beneficiaries include (not limited to)

• national cybersecurity agencies
• ministries of ICTs, interior, defence, foreign affairs
• computer security incident response teams (CSIRTs), computer emergency response teams (CERTs)
• national parliaments
• data protection offices
• national port authorities, maritime security institutes
• central banks
• law enforcement agencies
• telecommunication agencies
• critical infrastructure facilities (energy, transport, health etc.)
• chambers of commerce
• Small and Medium Enterprises (SMEs)
• universities, IT vocational colleges
• journalists
• NGOs.

• A country requires support/advice to assess the compliance of national cybersecurity legislation to EU regulations / relevant international good practices or help in draft a national cybersecurity strategy.
• A country requires support/advice for a nationwide cybersecurity risk assessment, cyber emergency response plan development, or tabletop exercise etc.
• A chamber of commerce requires support to train its SMEs on cybersecurity and cyber hygiene.

• Global coverage
• Priority countries: Indo-Pacific region
• Countries in other regions also eligible – including as a complement to other EU-funded projects

Request from a partner country (state and non-state stakeholders): 

1. Request addressed to EU delegation (EUD) or to the project directly (for instance as a result of a bilateral meeting, an encounter during an international event, during a scoping assignment, finding out about the project on-line….).
2. The EUD or the project passes the letter on to the Service for Foreign Policy Instruments (FPI) of the European Commission.
3. Based on an internal approval process (involving a review by the EUD and a consultation with EEAS and INTPA/ENEST/MENA depending on the region), FPI will consider whether the request merits further attention, including whether it is not already covered by an existing instrument.
4. If the answer is positive, it will formally transfer it to the project team.
5. A confirmation will be sent to the partner country through the EUD or EU CyberNet, depending on what the EUD considers as the most appropriate channel.
6. If the project team requires further information on the request, it may then engage directly with the partner country.

Request from an EUD

1. An EUD can also contact FPI directly to discuss the possibility to activate EU CyberNet in a given country.
2. Next steps in the process will then follow the situation described above.

While the time between the initial request and the first delivery of an online activity is usually less than 2 months, the exact timeline is determined by the speed at which the request is transmitted through the different channels, the time needed for the approval of the request by FPI/EEAS/other DGs as relevant, the responsiveness of the recipient country, the need for additional discussions to determine the exact scope of the initial request (in particular if the initial request is generic) as well the workload of Eu CyberNet at any given time.