The EU Cyber Solidarity Act

The EU Cyber Solidarity Act aims to strengthen capacities in the EU to detect, prepare for and respond to significant and large-scale cybersecurity threats and attacks. The Act includes a European Cybersecurity Alert System, made of Security Operation Centres interconnected across the EU, and a comprehensive Cybersecurity Emergency Mechanism to improve the EU’s cyber resilience.

European Cybersecurity Shield

The European Cyber Solidarity Act includes a proposal for a European Cybersecurity Alert System to improve the detection, analysis and response to cyber threats.

This system will be composed of national and cross-border Security Operations Centres (SOCs) across the EU, who will use advanced technology such as Artificial Intelligence (AI) and data analytics to detect and share warnings on threats with authorities across borders.

During a first phase, launched in November 2022, three consortia of cross-border Security Operations Centres(SOCs) were selected, bringing together public bodies from 17 Member States and Iceland, under the Digital Europe Programme.

Cyber Emergency Mechanism

The Cyber Emergency Mechanism will ensure that preparedness and response to cybersecurity incidents are improved. It will do this by acting in 3 areas:

1. Supporting preparedness actions: Testing entities in crucial sectors such as finance, energy and healthcare for potential weaknesses that could make them vulnerable to cyber threats. The selection of sectors to be tested will be based on common risk assessment at the EU level.
2. Creating an EU Cybersecurity Reserve: The EU Cybersecurity Reserve will consist of incident response services from private service providers (‘trusted providers’), that can be deployed at the request of Member States or Union Institutions, bodies and agencies to help them address significant or large-scale cybersecurity incidents.
3. Ensuring mutual assistance: The mechanism will support a Member State that offers mutual assistance to another Member State affected by  a cybersecurity incident.

Cybersecurity Incident Review Mechanism

The Cyber Solidarity Act also establishes the Cybersecurity Incident Review Mechanism to assess and review specific cybersecurity incidents. At the request of the Commission or of national authorities (the EU-CyCLONe or the CSIRTs network), the EU Cybersecurity Agency (ENISA) will be responsible for the review of specific significant or large-scale cybersecurity incident and should deliver a report that includes lessons learned, and where appropriate, recommendations to improve Union’s cyber response.

Funding

The EU Cybersecurity Shield and the Cybersecurity Emergency Mechanism of this Regulation will be supported by funding under Strategic Objective ‘Cybersecurity’ of the Digital Europe Programme (DIGITAL).

The total budget includes an increase of €100 million that this Regulation proposes to re-allocate from other Strategic Objectives of DEP. This will bring the new total amount available for Cybersecurity actions under DIGITAL to €842.8 million.

Part of the additional €100 million will reinforce the budget managed by the ECCC to implement actions on SOCs and preparedness as part of their Work Programme(s). Moreover, the additional funding will serve to support the establishment of the EU Cybersecurity Reserve.

It complements the budget already foreseen for similar actions in the main DIGITAL and Cybersecurity DIGITAL work programme from the period 2023-2027 which could bring the total to €551 million for 2023-2027, while €115 million were dedicated already in the form of pilots for 2021-2022. Including Member States contributions, the overall budget could amount up to €1.109 billion.