EU CyberNet II: The Bridge to Cybersecurity Expertise in the EU

Context

Cyber threats in 2025 are more sophisticated, frequent and disruptive than ever, targeting critical infrastructure, economies and democratic processes. The misuse of AI, ransomware, supply-chain attacks and disinformation demand urgent action. 

In the Indo-Pacific, rapid digitalisation and new connectivity via undersea cables and satellite internet bring both opportunities and vulnerabilities. Limited cyber capacity, uneven legislation and geopolitical tensions fuel risks, with state and non-state actors exploiting gaps for espionage, disruption and influence. Incidents, such as ransomware paralysing Vanuatu’s government and espionage against telecoms in Pakistan, Mongolia and Malaysia, underscore the stakes. 

EU CyberNet II responds by building global resilience: supporting strategy and legislation development, training Computer Security Incident Response Teams (CSIRTs), engaging service providers, raising awareness and hosting regional events. These initiatives strengthen cyber governance, close capacity gaps and foster secure, stable digital ecosystems worldwide.

Overall objective

This project aims to operate as a flexible facility working with governments to ensure that citizens of EU partner countries benefit from a global, open, free, secure, resilient and peaceful cyberspace.

Specific objectives

• To strengthen cyber capacity globally through EU’s cooperation.
• To strengthen cyber resilience of states and societies in the Indo-Pacific.

Concrete activities

• Outreach, onboarding, gatherings and one-on-one sessions with experts to build trust, strengthen the sense of community and maximise the value of the Expert Pool for stakeholders.
• Club events, Summer and Winter Schools and crash courses to equip experts with up-to-date skills, address emerging cyber challenges and encourage knowledge sharing.
• Regular stakeholder and community events to align efforts, exchange progress and connect with peers and EU institutions.
• Development of a centralised Knowledge Hub to collect best practices, documents and tools supporting continuous learning and coordination in cyber capacity building.
• On-demand support for partner countries, including policy and strategy development, CSIRT strengthening, legislative review, cyber curricula creation and public awareness campaigns.

Expected results

• Increased cyber security awareness and cyber capacity building expertise for the EU.
• Greater alignment of partner country cyber policies with the principles of a global, open, free, secure, resilient and peaceful cyberspace.
• Strengthened policy frameworks, strategies and institutional capacities in partner countries through tailored technical support.
• Increased participation of experts and stakeholders in EU-supported cyber capacity-building initiatives globally.
• Regular engagement of the Expert Pool and stakeholders through targeted events, workshops and collaborative activities.

Expected achievements

• At least 22 yearly community engagement activities organised or supported, including expert stakeholder participations in different community initiatives.
• At least 20 yearly knowledge dissemination products produced (including blogs, podcasts, knowledge hub materials, project mapping information, CCB study, etc).
• At least 1200 yearly participations by experts in club events, 120 yearly participations by experts in crash courses, and 40 yearly participations by experts in summer and winter schools.
• 6 cybersecurity podcast episodes per year.
• At least 70 yearly participations by stakeholders in Stakeholder Community Days and Cyber Project Community days.
• 3 partner countries applying internationally accepted standardisation frameworks for cybersecurity.
• 8 partner countries received on-demand support.
• 8 seminars and ToTs organised for public officials, SMEs, academia and civil society to enhance their capacity to promote secure digital behaviour.
• 4 student bootcamps on cybersecurity for the Indo-Pacific.
• 3 targeted cybersecurity awareness training for local media and journalists.
• And many more regional events, cybersecurity policies and strategies, training events, cyberdiplocacy sessions, awareness campaigns and cyber hygiene sessions.