The action focuses on capacity building and the enhancement of cooperation on cybersecurity at technical, operational and strategic levels, in the context of existing and proposed EU legislation on cybersecurity in particular the NIS2 Directive (Directive (EU) 2022/2555), the Cybersecurity Act and the proposed Cyber Resilience Act, and the Directive on attacks against information systems (Directive 2013/40). It complements the work of SOCs in the area of threat detection. It is a continuation of work currently supported under the previous WP.

In addition, the action also aims at improving industrial and market readiness for the cybersecurity requirements set in the proposal for a regulation on cybersecurity requirements for products with digital elements, known as the Cyber Resilience Act bolstering cybersecurity rules to ensure more secure hardware and software products.

  • Proposals should contribute to achieving at least one of these objectives;
  • Development of trust and confidence between Member States.
  • Effective operational cooperation of organisations entrusted with EU or Member State’s national level cybersecurity, in particular cooperation of CSIRTs (including in relation to the CSIRT Network) or cooperation of Operators of Essential Services including public authorities.
  • Better security and notification processes and means for Operators of Essential Services and for digital service providers in the EU.
  • Better reporting of cyber-attacks to law enforcement authorities in line with the Directive on attacks against information systems.
  • Improved security of network and information systems in the EU.
  • More alignment of Member States’ implementations of NIS2 (Directive (EU) 2022/2555).
  • Support cybersecurity certification in line with the Cybersecurity Act.