EU Cyber Solidarity Act

The EU Cyber Solidarity Act entered into force on 4 February 2025. It aims to strengthen capacities in the EU to detect, prepare for and respond to significant and large-scale cybersecurity threats and attacks. The Act includes a European Cybersecurity Alert System, made of National and Cross-Border Cyber Hubs  interconnected across the EU, and a comprehensive Cybersecurity Emergency Mechanism to improve the EU’s cyber resilience.

European Cybersecurity Alert System

The Cyber Solidarity Act includes a proposal for a European Cybersecurity Alert System to improve the detection, analysis and response to cyber threats.

This system will be composed of National and Cross-Border Cyber Hubs  across the EU, who will use advanced technology such as Artificial Intelligence (AI) and data analytics to detect and share warnings on threats with authorities across borders.

During a first phase, launched in November 2022, two consortia of cross-border Security Operations Centres (now Cyber Hubs) were selected, under the Digital Europe Programme.

Cybersecurity Emergency Mechanism

The Cybersecurity Emergency Mechanism will ensure that preparedness and response to cybersecurity incidents are improved. It will do this by acting in 3 areas:

1. Supporting preparedness actions: Testing entities in crucial sectors such as finance, energy and healthcare for potential weaknesses that could make them vulnerable to cyber threats. The selection of sectors to be tested should take into account common risk assessment at the EU level.
2. Creating an EU Cybersecurity Reserve: The EU Cybersecurity Reserve will consist of incident response services from private service providers (‘trusted providers’), that can be deployed at the request of Member States or Union Institutions, bodies and agencies or DEP-associated third countries subject to the conditions of the Cyber Solidarity Act, to help them address significant or large-scale cybersecurity incidents.
3. Ensuring mutual assistance: The mechanism will support a Member State that offers mutual assistance to another Member State affected by a cybersecurity incident.

Cybersecurity Incident Review Mechanism

The Cyber Solidarity Act also establishes the European Cybersecurity Incident Review Mechanism to assess and review specific cybersecurity incidents. At the request of the Commission or of national authorities (the EU-CyCLONe), the EU Cybersecurity Agency (ENISA) will be responsible for the review of specific significant or large-scale cybersecurity incident and should deliver a report that includes lessons learned, and where appropriate, recommendations to improve Union’s cyber response.

Funding

The European Cybersecurity Alert System and the Cybersecurity Emergency Mechanism of this Regulation will be supported by funding under Specific Objective ‘Cybersecurity and Trust’ of the Digital Europe Programme (DIGITAL).

The total budget includes an increase of €100 million that this Regulation proposes to re-allocate from other Strategic Objectives of DEP. This will bring the new total amount available for Cybersecurity actions under DIGITAL to €842.8 million.

Part of the additional €100 million will reinforce the budget managed by the ECCC to implement actions on Cyber Hubs and preparedness as part of their Work Programme(s). Moreover, the additional funding will serve to support the establishment of the EU Cybersecurity Reserve.

It complements the budget already foreseen for similar actions in the main DIGITAL and Cybersecurity DIGITAL work programme from the period 2023-2027 which could bring the total to €551 million for 2023-2027, while €115 million were dedicated already in the form of pilots for 2021-2022. Including Member States contributions, the overall budget could amount up to €1.109 billion.