Supporting ENISA for the provision of cybersecurity services to Bulgaria, Malta, Netherlands and Poland LOTS 1-4

This summary presents an EU procurement opportunity issued by the European Union Agency for Cybersecurity (ENISA) titled "Supporting ENISA for the provision of cybersecurity services to Bulgaria, Malta, Netherlands, and Poland". The procurement involves four separate lots, each valued at €900,000, leading to a total funding amount of €3.6 million. The contract duration is for an initial 16 months, with potential extensions making it extendable to 48 months.

The main objective is to enhance cybersecurity capabilities across the four targeted EU Member States by providing comprehensive cybersecurity services, which includes both proactive measures (preparedness) and reactive measures (incident response). This supports existing initiatives like the Cybersecurity Support Action Programme and the EU Cybersecurity Reserve.

Eligible applicants include companies, organizations, or economic operators capable of delivering cybersecurity services. The procurement does not specifically target small to medium-sized enterprises (SMEs), suggesting that larger firms or specialized providers are preferred. Both single applicants and consortiums can participate, as detailed consortium documentation is available.

The application process requires electronic submission through the EU's Funding and Tenders Portal, with a submission deadline set for October 20, 2025. The evaluation criteria emphasize a quality-focused approach, where 65% of the decision will be based on the quality of the proposal and 35% on price.

This opportunity primarily targets organizations with expertise in IT services classified under CPV code 72000000, which encompasses consulting, software development, and support services. The contract's financial mechanism entails payments for services rendered rather than grants for projects.

In summary, this invitation to tender represents a significant opportunity for cybersecurity firms and IT service providers to engage with EU cybersecurity initiatives, aiming to bolster the resilience of Bulgaria, Malta, Netherlands, and Poland against cyber threats. Interested parties must submit their proposals following the specified criteria and guidelines.

This is a call for tenders, procedure identifier ENISA/2025/OP/0011, published on 16/09/2025 by the European Union Agency for Cybersecurity (ENISA). The TED reference is 177/2025 603046-2025. The submission method is electronic and the call is currently open for submission. The estimated total value of the tender is 3,600,000 EUR.

The purpose of this Call for Tenders is to provide support to ENISA in the implementation of:
the Cybersecurity Support Action Programme and specifically to increase support for preparedness (ex-ante) and response (ex-post) cybersecurity services in the EU Member States.
the EU Cybersecurity Reserve and specifically in the delivery of response (ex-post) cybersecurity services for Member States.

The call is divided into four lots:
Lot 1: Supporting ENISA for the provision of cybersecurity services to Bulgaria.
Lot 2: Supporting ENISA for the provision of cybersecurity services to Malta.
Lot 3: Supporting ENISA for the provision of cybersecurity services to Netherlands.
Lot 4: Supporting ENISA for the provision of cybersecurity services to Poland.

The description for each lot is the same: Supporting ENISA for the provision of cybersecurity services to the specified country, focusing on:
the Cybersecurity Support Action Programme to increase support for preparedness (ex-ante) and response (ex-post) cybersecurity services in the EU Member States.
the EU Cybersecurity Reserve in the delivery of response (ex-post) cybersecurity services for Member States.

The nature of the contract is for services, with a maximum contract duration of 36 months. The award method is based on the best price-quality ratio. The estimated value for each lot is 900,000 EUR. The framework agreement is a framework agreement, without reopening of competition. The main classification (CPV) code is 72000000 - IT services: consulting, software development, Internet and support.

Important milestones include:
TED publication date: 16/09/2025
Date and time of public opening: 20/10/2025 13:00 Europe/Athens
Deadline for receipt of tenders: 20/10/2025 10:00 Europe/Athens
Contracting authority is not bound to reply to questions submitted after: 10/10/2025 05:00 Europe/Athens

The following documents are available for download:
ENInvitation to tender ENISA2025OP0011 F-OSU-25-T16 Supporting ENISA 4 lotsInvitation letterPublished on 16/09/2025All lotsVersion 1 No translations available
ENTender Specifications ENISA2025OP0011 F-OSU-25-T16 Relaunch 4 LotsTender specificationsPublished on 16/09/2025All lotsVersion 1 No translations available
EN01. ANNEX I Legal Entity and Bank accountOther invitation to tender documentPublished on 16/09/2025All lotsVersion 1 No translations available
EN02. Annex II Simplified Financial StatementOther invitation to tender documentPublished on 16/09/2025All lotsVersion 1 No translations available
EN03. Annex III Declaration on Honour FR Recast-enDeclaration on honour (tender)Published on 16/09/2025All lotsVersion 1 No translations available
EN04. Annex IV Financial offer form LOTs 1 to 4Financial offer formPublished on 16/09/2025All lotsVersion 1 No translations available
EN05. Annex V Draft Framework Service ContractDraft contractPublished on 16/09/2025All lotsVersion 1 No translations available
EN06. Annex VI Power of Attorney for Consortium FormsOther invitation to tender documentPublished on 16/09/2025All lotsVersion 1 No translations available
EN07. Annex VII Sub-contractors formOther invitation to tender documentPublished on 16/09/2025All lotsVersion 1 No translations available
EN08. Annex VIII Administrative ID and Declaration formOther invitation to tender documentPublished on 16/09/2025All lotsVersion 1 No translations available

Submissions must be sent exclusively via electronic submission.

Some frequently asked questions (FAQ) and their answers are:
How to proceed if the system is slow or doesn’t work while uploading/downloading documents? Use the latest versions of Google Chrome or Mozilla Firefox. If the issue persists, clear the cache and cookies.
Which Internet browsers does eSubmission support? Use the latest versions of Google Chrome or Mozilla Firefox.
Is it possible to view the details of the submission after the deadline? No, the content is not accessible after submitting as the system encrypts all attachments upon upload.
Where can I find my submissions in Manage My Area, in the Funding & Tenders portal? In ‘My Submission(s)’: tenders in response to open calls for tenders, requests to participate.
Which size should attachments have? Less than 50 MB in size.
How should I name attachments in eSubmission? Follow the System Requirements.
Can I submit a video in eSubmission? Which formats are supported? Check the System Requirements of eSubmission.
I received an invitation from the F&T Portal but cannot view the procurement documents. Select an organisation in F&T Portal, “My Invitations”.
Do I need to validate my PIC in order to submit a tender in eSubmission? Yes, the Personal Identification Code (PIC) is mandatory.
I have an issue uploading a file in eSubmission and it’s giving me an error. What do I do? Make sure it follows the technical requirements of the system.
How many attachments can I upload per submission? The maximum is 200 files.
Why do tenderers need a PIC? It is mandatory to register for a PIC if you intend to submit a tender or a request to participate.
How do I register my organisation and get a Participant Identification Code (PIC)? Check if the organisation is already registered using the Search PIC tool under 'How to Participate' > Participant Register.
How many languages does the system support? The system is multilingual and supports all 24 official EU languages.
Which is the character set encoding in the system? The character set encoding is UTF-8.
Does the system use encryption to ensure the integrity and the confidentiality of the information? Yes, the system encrypts all uploaded documents, using an asymmetric key as an encryption mechanism.
Which file types does the system support? The supported file types depend on the type of submission you want to make.
Can I view and edit my draft submission? Until the deadline, submissions in the draft status can be edited, viewed and deleted.
In the submission report, under the name of our entity, "Legal form: UNKNOWN" is displayed while in the system, our legal form was correctly displayed. Is this a problem for the submission? No, it is just a display issue.
I sent my submission on time and a few days later, I received an automatic email informing me that the deadline for the reception of submissions had been reached. Does this mean that my submission was not correctly sent? No, this is an auto-generated notification.

In summary, this tender opportunity aims to bolster the cybersecurity capabilities of Bulgaria, Malta, Netherlands and Poland by providing support to ENISA in implementing cybersecurity programs and the EU Cybersecurity Reserve. The tender is divided into four lots, each focusing on one of the aforementioned countries. Interested parties can submit their tenders electronically, ensuring they adhere to the specified guidelines and deadlines. The opportunity seeks to enhance both the preparedness and response capabilities of these member states in the face of evolving cyber threats. The tender documents provide detailed information on the scope of work, eligibility criteria, and submission procedures.

Eligible Applicant Types: The eligible applicant types are not explicitly stated, but based on the tender specifications and required documents (Legal Entity and Bank account, Simplified Financial Statement, Declaration on Honour, etc.), it can be inferred that the eligible applicants are likely to be legal entities such as companies, firms, or organizations capable of providing IT services, consulting, software development, Internet and support. Subcontractors are also mentioned, suggesting that entities can participate as part of a larger consortium or as subcontractors to a main tenderer.

Funding Type: The funding type is procurement, specifically a service contract. The call is an invitation to tender, where applicants submit proposals to provide services in exchange for a contract. The contract is a framework agreement, without reopening of competition.

Consortium Requirement: The opportunity allows for both single applicants and consortia. Annex VI, "Power of Attorney for Consortium Forms," suggests that consortia are permitted. The FAQ section also mentions that a Personal Identification Code (PIC) is mandatory to participate as a sole candidate/tenderer or as a member of a group (consortium).

Beneficiary Scope (Geographic Eligibility): The geographic eligibility is likely focused on EU Member States, given that the purpose of the tender is to support cybersecurity services within the EU. The specific lots target Bulgaria, Malta, Netherlands, and Poland, implying that entities operating or capable of providing services in these countries are particularly relevant.

Target Sector: The target sector is clearly cybersecurity and IT services. The call specifies support for ENISA in implementing the Cybersecurity Support Action Programme and the EU Cybersecurity Reserve. The main classification (CPV) code provided is 72000000 - IT services: consulting, software development, Internet and support.

Mentioned Countries: Bulgaria, Malta, Netherlands, and Poland are explicitly mentioned as the target countries for the four different lots.

Project Stage: The project stage is focused on the implementation and delivery of cybersecurity services. The tender aims to support existing programs like the Cybersecurity Support Action Programme and the EU Cybersecurity Reserve, indicating a need for entities capable of providing operational support and services.

Funding Amount: The estimated total value of the tender is 3,600,000 EUR. Each of the four lots has an estimated value of 900,000 EUR.

Application Type: The application type is an open call for tenders, with electronic submission.

Nature of Support: The nature of support is monetary, through service contracts awarded to successful tenderers. These contracts will be in exchange for the provision of cybersecurity services.

Application Stages: The number of application stages is not explicitly detailed, but it involves at least one stage of submitting a tender, which will then be evaluated based on the best price-quality ratio.

Success Rates: The success rates are not mentioned in the provided text.

Co-funding Requirement: The co-funding requirement is not explicitly stated.

Summary:

This is an invitation to tender issued by the European Union Agency for Cybersecurity (ENISA) to seek support in implementing the Cybersecurity Support Action Programme and the EU Cybersecurity Reserve. The tender is divided into four lots, each targeting a specific EU Member State: Bulgaria, Malta, Netherlands, and Poland. The overall estimated value of the tender is 3,600,000 EUR, with each lot valued at 900,000 EUR. The contract duration is 36 months.

The purpose of this call is to enhance cybersecurity preparedness and response capabilities within the EU Member States. The selected tenderers will provide services related to IT consulting, software development, Internet support, and overall cybersecurity support.

The application process involves electronic submission of tenders, and the award will be based on the best price-quality ratio. Interested parties must register for a Personal Identification Code (PIC) and adhere to specific technical requirements for submitting their proposals. The deadline for submitting tenders is October 20, 2025. This tender represents an opportunity for IT service providers and cybersecurity firms to engage in framework service contracts with ENISA, contributing to the cybersecurity resilience of specific EU member states.