New advanced tools and processes for Operational Cybersecurity

The Horizon Europe call titled "New advanced tools and processes for Operational Cybersecurity" is designed to improve cybersecurity capabilities across the EU. It requires participation from at least one Police Authority and one Civil Society Organisation or NGO from two different EU Member States or Associated Countries. Entities such as research institutes, SMEs, and technology developers are also encouraged to apply.

The funding type is a grant under the HORIZON Innovation Actions framework, provided as a lump sum. A consortium is mandatory, necessitating collaboration across multiple entities, including national cybersecurity authorities. The geographic eligibility encompasses legal entities from EU Member States and Associated Countries; entities linked to non-eligible countries are prohibited from participation.

The targeted sector is cybersecurity, focusing on the development of advanced technologies, tools, frameworks, and processes that enhance operational and technical cybersecurity cooperation. Specific areas of interest include artificial intelligence, Post-Quantum Cryptography, and crisis management frameworks.

Projects are expected to reach a Technology Readiness Level (TRL) of 5 upon completion, indicating that they should be validated in a relevant environment. While the exact funding amounts are not specified, they typically range from €2 million to €14 million, depending on the exact topic within the call. Proposals are due by November 12, 2025, and the application process is a single-stage submission.

The expected outcomes include enhanced situational awareness for cybersecurity risks, frameworks to prepare for cyber and hybrid threats, improved functionalities for Security Operations Centres, development of testing facilities, and frameworks for effective crisis management. The initiative aims to bolster the EU’s responses to evolving cyber threats while encouraging innovative contributions from European cybersecurity startups and SMEs with operational ties to national cybersecurity authorities.

In conclusion, this funding opportunity seeks to enhance the EU's cybersecurity infrastructure through collaborative efforts that generate new tools and methodologies, ensuring readiness against increasing cyber threats. It emphasizes the importance of real-world applications and stakeholder involvement in the projects.

Eligible Applicant Types: The eligible applicant types include legal entities established in Member States and Associated Countries. The participation of innovative European cybersecurity start-ups and SMEs with a proven track-record in cybersecurity innovation at EU level, European start-ups and SMEs that can demonstrate established operational cooperation with relevant National Cybersecurity Authorities, and European start-ups and SMEs that have received equity investments by national, European or private Venture Capital funds for cybersecurity activities is highly encouraged.

Funding Type: The funding type is a grant, specifically HORIZON Innovation Actions (HORIZON-IA) and HORIZON Research and Innovation Actions (HORIZON-RIA) under the Horizon Europe Programme. The eligible costs will take the form of a lump sum.

Consortium Requirement: The opportunity requires a consortium of multiple applicants. Proposals are expected to demonstrate the developed frameworks, tools, services, and processes through pilot implementations involving the participation of relevant national cybersecurity authorities and/or essential and important entities as defined in NIS2, implemented with the participation of leading European cybersecurity industry.

Beneficiary Scope (Geographic Eligibility): The geographic eligibility is limited to legal entities established in Member States and Associated Countries. Entities directly or indirectly controlled by a non-eligible country or entity are not allowed to participate.

Target Sector: The target sector is cybersecurity, focusing on developing advanced frameworks, technologies, tools, processes, and services that reinforce cybersecurity capabilities for operational and technical cybersecurity cooperation. It also targets information and communication technology (ICT) and operational technology (OT).

Mentioned Countries: The opportunity explicitly mentions Member States and Associated Countries of the European Union as eligible regions.

Project Stage: The project stage appears to be focused on development, validation, and demonstration, with an emphasis on pilot implementations and real-world applications. Proposals are expected to demonstrate developed frameworks, tools, services, and processes through pilot implementations.

Funding Amount: The funding amounts vary depending on the specific topic within the call:
HORIZON-CL3-2025-02-CS-ECCC-01: EUR 12,000,000 to EUR 14,000,000
HORIZON-CL3-2025-02-CS-ECCC-02: EUR 4,500,000 to EUR 6,000,000
HORIZON-CL3-2025-02-CS-ECCC-03: EUR 3,000,000 to EUR 4,000,000
HORIZON-CL3-2025-02-CS-ECCC-04: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-05: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-06: EUR 2,000,000 to EUR 3,000,000

Application Type: The application type is an open call with a single-stage submission process.

Nature of Support: Beneficiaries will receive money in the form of a lump sum grant.

Application Stages: The application process involves a single stage.

Success Rates: The success rates are not explicitly mentioned, but the indicative number of grants for each topic is provided, which can be used to estimate the potential success rate based on the number of expected proposals.

Co-funding Requirement: The need for co-funding is not explicitly mentioned, but eligible costs will take the form of a lump sum.

Summary: This Horizon Europe call, managed by the ECCC, focuses on "New advanced tools and processes for Operational Cybersecurity." It aims to enhance the EU's cybersecurity capabilities by funding projects that develop and implement innovative frameworks, technologies, tools, processes, and services. The call encourages the participation of innovative European cybersecurity start-ups and SMEs. Projects should address at least two of the specified expected outcomes, including enhanced situational awareness, preparedness against cyber and hybrid threats, expanded SOC/CSIRT functionality, development of testing facilities, cross-sector cyber crisis management, and enhanced operational cooperation. The funding is provided as a lump sum grant, and participation is limited to legal entities from Member States and Associated Countries. The call is a single-stage submission process with a deadline of November 12, 2025. The total budget for the call is divided among six different topics, each with its own specific focus and funding range. This initiative seeks to bolster the EU's cybersecurity ecosystem and ensure heightened preparedness against large-scale cyber incidents.

This is a Horizon Europe call for proposals focusing on new advanced tools and processes for operational cybersecurity, managed indirectly by the ECCC. The call falls under the HORIZON-IA (Innovation Actions) funding scheme, utilizing a lump sum grant approach. The planned opening date is June 12, 2025, with a deadline of November 12, 2025, at 17:00 Brussels time.

The call aims to address the increasing cybersecurity risks and complex threat landscape faced by Member States due to the growing dependence on information and communication technologies. It seeks to enhance the EU's collective cybersecurity crisis management preparedness, particularly in light of hostile cyber operations integrated into hybrid and warfare strategies. The call acknowledges the dramatic increase in cyberattacks, including supply chain attacks, and the overwhelming number of vulnerabilities that cannot be manually managed.

Proposals should address at least two of the following expected outcomes:

1.  Enhanced Situational Awareness: Develop advanced Cyber Threat Intelligence frameworks, tools, and services, along with cybersecurity risk assessments of critical supply chains within the EU.

2.  Preparedness against Cyber and Hybrid Threats: Create frameworks, tools, and services to prepare against cyber and hybrid threats in information and communication technology (ICT) and operational technology (OT), including cybersecurity exercises.

3.  Expanded SOC/CSIRT Functionality: Enhance Security Operations Centre/Computer Security Incident Response Teams (SOC/CSIRT) functionality with advanced tools and services for detection, analysis, incident handling (including response and reporting), and remediation.

4.  Testing and Experimentation Facilities: Develop testing and experimentation facilities for advanced operational cybersecurity tools and processes, including the creation of digital twins for critical infrastructures and essential entities as defined in NIS2.

5.  Cyber Crisis Management: Develop and pilot implement cross-sector and/or cross-border cyber crisis management frameworks, services, and tools.

6.  Enhanced Operational Cooperation: Create frameworks, services, and tools aimed at improving operational cooperation between public sector entities (CSIRT network, EU-CyCLONe), with an advantage given to extensions that include essential entities as defined in NIS2.

The scope of the proposals should include demonstrating developed frameworks, tools, services, and processes through pilot implementations. These implementations should involve relevant national cybersecurity authorities and/or essential entities as defined in NIS2, and be implemented with the participation of leading European cybersecurity industry. Proposals must consider the impact of the forthcoming Cyber Resilience Act. Real-world applications and the usability of developed solutions are prioritized.

The call encourages participation from innovative European cybersecurity start-ups and SMEs with a proven track record in cybersecurity innovation at the EU level. This includes those with active participation in successful EU-funded projects (Horizon Europe, Digital Europe Programme, EIC Pathfinder or Accelerator projects), established operational cooperation with National Cybersecurity Authorities, or equity investments by national, European, or private Venture Capital funds for cybersecurity activities. Active participation of these start-ups and SMEs in project implementation (project coordination, technical coordination, lead of pilot implementation) is considered an asset.

The general conditions for this call include:

1.  Admissibility Conditions: Proposal page limit and layout as described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes and Part B of the Application Form.

2.  Eligible Countries: As described in Annex B of the Work Programme General Annexes. Participation is limited to legal entities established in Member States and Associated Countries to safeguard the Union’s strategic assets, interests, autonomy, and security. Entities directly or indirectly controlled by a non-eligible country or entity are not allowed to participate.

3.  Other Eligible Conditions: Compliance with Annex B of the Work Programme General Annexes.

4.  Financial and operational capacity and exclusion: Compliance with Annex C of the Work Programme General Annexes.

5.  Evaluation and award: Award criteria, scoring, and thresholds are described in Annex D of the Work Programme General Annexes. Submission and evaluation processes are described in Annex F of the Work Programme General Annexes and the Online Manual. The indicative timeline for evaluation and grant agreement is described in Annex F of the Work Programme General Annexes.

6.  Legal and financial set-up of the grants: Eligible costs will take the form of a lump sum as defined in the Decision of 7 July 2021. Compliance with Annex G of the Work Programme General Annexes.

Specific conditions are described in the specific topic of the Work Programme.

Application forms, evaluation forms, and model grant agreements are available in the Submission System. Additional documents include the HE Main Work Programme 2023–2025, HE Programme Guide, HE Framework Programme 2021/695, HE Specific Programme Decision 2021/764, EU Financial Regulation 2024/2509, and various guidance documents.

The budget overview for the call in 2025 is as follows:

HORIZON-CL3-2025-02-CS-ECCC-01: HORIZON-RIA, 40,000,000 EUR, contributions of 12,000,000 to 14,000,000 EUR, 3 grants

HORIZON-CL3-2025-02-CS-ECCC-02: HORIZON-IA, 23,550,000 EUR, contributions of 4,500,000 to 6,000,000 EUR, 4 grants

HORIZON-CL3-2025-02-CS-ECCC-03: HORIZON-RIA, 11,000,000 EUR, contributions of 3,000,000 to 4,000,000 EUR, 3 grants

HORIZON-CL3-2025-02-CS-ECCC-04: HORIZON-RIA, 4,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 grants

HORIZON-CL3-2025-02-CS-ECCC-05: HORIZON-RIA, 6,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 grants

HORIZON-CL3-2025-02-CS-ECCC-06: HORIZON-RIA, 6,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 grants

There are 14 partner search announcements available for collaboration on this topic.

In summary, this Horizon Europe call seeks to bolster the EU's cybersecurity capabilities by funding innovative projects that develop and implement advanced tools, frameworks, and processes for operational cybersecurity. It emphasizes pilot implementations, the involvement of key stakeholders, and the participation of European cybersecurity start-ups and SMEs. The call aims to address the evolving threat landscape and enhance the EU's preparedness, detection, response, and cooperation in the face of cyber threats and incidents. The funding is provided as a lump sum, and proposals must align with the objectives of the NIS2 Directive, the Cyber Resilience Act, and the EU Cybersecurity Strategy.