Open calls (FSTP) for CYberSynchrony project: Open Call 1: Infrastructure Resilience & Operational Readiness; Open Call 2: Compliance, Innovation & Re...

The CYberSynchrony project provides an opportunity for SMEs, innovators, and specialized teams to access funding totaling €3.55 million through three open calls aimed at enhancing cybersecurity across Europe. The initiative is built around the EU's Digital Europe Programme and utilizes a Financial Support to Third Parties (FSTP) mechanism to distribute funds to third-party applicants who contribute innovative tools and services. The objective is to strengthen the cybersecurity framework, particularly in sectors governed by the NIS2 Directive, which includes energy, transport, drinking water supply, and manufacturing.

The primary geographic focus is on EU Member States, emphasizing cross-border collaboration and compliance with the NIS2 Directive. The three thematic open calls are:

1. Infrastructure Resilience & Operational Readiness, which aims to improve cybersecurity operations, threat intelligence, and cross-sector cooperation.
2. Compliance, Innovation & Regulatory Advancement, focusing on regulatory compliance and innovative solutions tailored to the needs of regulated sectors.
3. Mutual Assistance & Cyber Collaboration Among Member States, encouraging shared threat intelligence and coordinated incident response.

Each of these calls will run simultaneously, with the project duration for selected initiatives expected to last eight months. The application process is conducted through a dedicated online platform, with stringent eligibility and evaluation criteria that include a two-stage process of eligibility checks followed by expert evaluations. Proposals must be submitted in English, formatted as PDFs, and should not exceed ten pages.

Success rates are not specified, but competitive peers typically yield rates ranging from 10 to 39%. The co-funding requirement is likely, although not explicitly outlined in the call documentation. The deadline for submission is March 1, 2026, at 17:00 CET, ensuring applicants have the opportunity to frame solutions that are practical, scalable, and directly applicable to enhancing Europe's digital infrastructure security. Key performance indicators for each call will guide the effectiveness of funded projects, supporting the overarching goal of advancing cybersecurity capabilities in critical sectors throughout the EU.

The CYberSynchrony project is offering 3.55 million euros in funding through three distinct open calls aimed at enhancing cybersecurity across Europe. The project seeks to integrate advanced threat intelligence, automated response systems, and secure channels for cross-border collaboration. The open calls invite SMEs, innovators, and specialized teams to contribute tools, services, and practices that can enhance the project’s platform and expand its applicability across various sectors. Each selected project will have a duration of 8 months. All three calls will run simultaneously.

The opening date for all three calls is January 1, 2026, and the deadline for submissions is March 1, 2026, at 17:00 Brussels time. The submission model is single-stage.

The project acronym is CYberSynchrony, and the full name of the EU-funded project is Harmonizing People, Processes, and Technology for Robust Cybersecurity. The grant agreement number is 101158555. The topic is DIGITAL-ECCC-2023-DEPLOY-CYBER-04-SUPPORT-ASSIST - Preparedness support and mutual assistance.

Proposals must be submitted via the dedicated online platform, with registration required. Submissions are accepted exclusively through this platform during the call’s opening period. Late submissions or submissions via other means, such as email, will not be evaluated. Proposals must be written in English and submitted as a PDF. The core proposal document must be concise and must not exceed 10 pages, excluding any required annexes. Proposals exceeding the page limit will be deemed ineligible. All required documents must be uploaded through the submission platform before the call deadline.

After the deadline, the Open Call Management Team (OCMT) will perform an eligibility check, including automatic filtering to discard non-eligible proposals. Eligibility conditions may differ per open call, and only eligible proposals will proceed to evaluation.

Eligible proposals are evaluated by independent external experts operating under confidentiality and conflict-of-interest rules. Each proposal is assigned to two external reviewers, who produce individual Evaluation Summary Reports (ESRs). Proposals are scored on a 0–5 scale per criterion, with four criteria in total, making the maximum score for a proposal 20. A threshold of 3/5 per category is required to qualify for selection.

All call-related documentation and supporting material, including detailed guidance on platform access, account creation, and step-by-step instructions for Open Call Applicants, is available at the dedicated CYberSynchrony Open Calls webpage: https://cybersynchrony.eu/open-calls/.

CYberSynchrony aims to:

a. Support rapid detection and mitigation of cyber incidents, continuous risk monitoring, and effective information sharing between Member States and key stakeholders.

b. Emphasize fostering a cybersecurity-aware environment, offering targeted training, awareness campaigns, and practical tools that support organizations in aligning with evolving regulatory requirements (i.e., NIS2 Directive).

The three open calls are:

Open Call 1: Infrastructure Resilience & Operational Readiness

Scope: This call targets the enhancement of cybersecurity infrastructure and operational readiness specifically within sectors governed by the NIS2 Directive, including energy, transport, drinking water supply and distribution, and manufacturing. It supports solutions aimed at improving sector-specific resilience against cyber threats and enabling rapid, coordinated responses.

Priority Areas (all priority areas must be met):

Strengthening Sector-specific Cybersecurity Operations: Support initiatives that establish or amplify operational cybersecurity hubs tailored to the unique needs of energy, transport, water supply, and manufacturing sectors, ensuring sector-specific threat intelligence gathering, rapid incident response, and best practice sharing.

Enhanced Threat Intelligence and Risk Assessment for NIS2 Domains: Channel funds towards projects that aim to develop or adapt advanced threat intelligence platforms specific to the challenges of energy, transport, drinking water, and manufacturing sectors. Focus on real-time monitoring, predictive analytics, and proactive threat hunting tailored to the infrastructures of these domains.

Promotion of Cybersecurity Awareness in NIS2 Sectors: Fund campaigns and training programs tailored to professionals and stakeholders in the energy, transport, water, and manufacturing sectors. Promote best practices, risk mitigation, and cybersecurity hygiene specific to each sector's challenges and requirements.

Supporting Cross-sector Collaborations: Encourage projects that foster inter-sector collaboration, ensuring best practices in one domain (e.g., energy) can be shared and adapted for others (e.g., transport or water supply).

Linked CYberSynchrony Objectives: #1, #3, #6, #7, #8

Mandatory KPIs to be defined by the applicants (additional KPIs may be defined):

Number of essential entities supported

Number of threat assessments/risk scenario analyses carried out

Number of risk monitoring services provided

Open Call 2: Compliance, Innovation & Regulatory Advancement

Scope: This call addresses the regulatory landscape and supports innovative cybersecurity solutions specifically tailored for sectors covered by the NIS2 Directive, including energy, transport, drinking water supply and distribution, and manufacturing.

Priority Areas (all priority areas should be met):

Encouraging Regulatory Compliance in NIS2 Sectors: Dedicate funding to support initiatives focusing on achieving and maintaining compliance with cybersecurity regulations specific to energy, transport, water supply, and manufacturing sectors within the EU.

Boosting Innovations Tailored to NIS2 Domains: Support research and development projects addressing the unique cybersecurity challenges and needs of the specified sectors. This includes creating sector-specific tools, technologies, and strategies ensuring a secure operational environment.

Promotion of Cybersecurity Awareness in NIS2 Sectors: Fund campaigns and training programs tailored to professionals and stakeholders in the energy, transport, water, and manufacturing sectors. Promote best practices, risk mitigation, and cybersecurity hygiene specific to each sector's challenges and requirements.

Supporting Cross-sector Collaborations: Encourage projects that foster inter-sector collaboration, ensuring best practices in one domain (e.g., energy) can be shared and adapted for others (e.g., transport or water supply).

Linked CYberSynchrony Objectives: #6, #8, #9

Mandatory KPIs to be defined by the applicants (additional KPIs may be defined):

Number of penetration tests provided

Number of essential entities supported

Number and nature of vulnerabilities discovered

Open Call 3: Mutual Assistance & Cyber Collaboration Among Member States

Scope: This call seeks to foster a more integrated and united approach to cybersecurity, emphasizing mutual assistance, best practice sharing, and coordinated response mechanisms among Member States (MS).

Priority Areas (Proposals must clearly address at least one of the listed objectives and detail how the initiative will enhance mutual assistance among Member States):

Establishing Unified Threat Intelligence Platforms: Develop or enhance platforms that facilitate real-time sharing of threat intelligence between MS, ensuring a collective response to emerging cyber threats.

Joint Cybersecurity Exercises & Training: Organize joint cybersecurity exercises simulating cross-border incidents, aiming to test and improve the collective response capabilities of MS. Promote training sessions where MS can share their unique experiences, tools, and best practices, ensuring that all states benefit from individual advancements.

Incident Response Coordination: Create or amplify mechanisms that enable rapid coordination between MS when a cybersecurity incident impacts multiple countries. Develop shared playbooks and protocols to guide coordinated responses, ensuring faster containment and mitigation of threats.

Linked CYberSynchrony Objectives: #2, #4, #5

Mandatory KPIs to be defined by the applicants (additional KPIs may be defined):

Number of potential number of users covered per test/ exercise

Number of cross-border actions/exercises

In summary, the CYberSynchrony project is offering a substantial funding opportunity for SMEs, innovators, and specialized teams to develop and implement cybersecurity solutions. The project focuses on enhancing cybersecurity infrastructure, promoting regulatory compliance, and fostering collaboration among Member States. The three open calls target specific areas, including infrastructure resilience, regulatory advancement, and mutual assistance, all within the context of the NIS2 Directive. Applicants must submit their proposals through the dedicated online platform, adhering to specific guidelines and deadlines. The project aims to integrate new capabilities into real-world pilots, ensuring the solutions developed are practical, scalable, and relevant to the security needs of Europe’s digital infrastructure.

Eligible Applicant Types: SMEs, innovators, and specialised teams are explicitly mentioned as eligible applicant types.

Funding Type: The primary financial mechanism is a grant, delivered through cascade funding.

Consortium Requirement: The opportunity does not explicitly state whether a consortium is required or if single applicants are allowed.

Beneficiary Scope (Geographic Eligibility): The opportunity focuses on collaboration among Member States, suggesting that applicants should be based in EU Member States. The context of NIS2 Directive also points to EU eligibility.

Target Sector: The program targets the cybersecurity sector, with a focus on sectors governed by the NIS2 Directive, including energy, transport, drinking water supply and distribution, and manufacturing.

Mentioned Countries: The opportunity mentions EU Member States.

Project Stage: The projects are expected to integrate new capabilities into real-world pilots, suggesting a stage of development, validation, and demonstration.

Funding Amount: The total funding available is €3,550,000. The distribution of funding across the three open calls is not specified, so the funding range per project is variable.

Application Type: The application type is an open call.

Nature of Support: Beneficiaries will receive money through cascade funding.

Application Stages: The application process appears to be single-stage, with an eligibility check followed by evaluation by external experts.

Success Rates: The success rates are not specified in the provided text.

Co-funding Requirement: The co-funding requirement is not specified in the provided text.

Summary:

The CYberSynchrony project is offering 3.55 million euros in funding through three distinct open calls aimed at enhancing cybersecurity across the European Union. These calls invite SMEs, innovators, and specialized teams to contribute tools, services, and practices that will strengthen the project's integrated cybersecurity framework. The framework focuses on advanced threat intelligence, automated response systems, and secure cross-border collaboration.

Open Call 1, titled "Infrastructure Resilience & Operational Readiness," targets the improvement of cybersecurity infrastructure within sectors governed by the NIS2 Directive, such as energy, transport, water supply, and manufacturing. It prioritizes strengthening sector-specific cybersecurity operations, enhancing threat intelligence and risk assessment, promoting cybersecurity awareness, and supporting cross-sector collaborations. Key performance indicators (KPIs) include the number of essential entities supported, threat assessments conducted, and risk monitoring services provided.

Open Call 2, "Compliance, Innovation & Regulatory Advancement," addresses the regulatory landscape and seeks innovative cybersecurity solutions tailored for the NIS2 Directive sectors. It focuses on encouraging regulatory compliance, boosting innovations specific to these sectors, promoting cybersecurity awareness, and supporting cross-sector collaborations. KPIs include the number of penetration tests provided, essential entities supported, and vulnerabilities discovered.

Open Call 3, "Mutual Assistance & Cyber Collaboration Among Member States," aims to foster a more integrated approach to cybersecurity among EU Member States. It emphasizes mutual assistance, best practice sharing, and coordinated response mechanisms. Priority areas include establishing unified threat intelligence platforms, organizing joint cybersecurity exercises and training, and improving incident response coordination. KPIs include the potential number of users covered per test/exercise and the number of cross-border actions/exercises.

All three open calls share the common goal of enhancing cybersecurity within the EU, particularly in critical sectors defined by the NIS2 Directive. The projects are expected to last for 8 months, and proposals must be submitted in English as a PDF via the dedicated online platform. The deadline for submissions is March 1, 2026. The CYberSynchrony project aims to integrate new capabilities into real-world pilots, ensuring that the developed solutions are practical, scalable, and relevant to the security needs of Europe’s digital infrastructure.