Aims of this proposal
By managing the cybersecurity funds under the next multi-annual financial framework 2021-2027, the initiative will help to create an inter-connected, Europe-wide cybersecurity industrial and research ecosystem. It should encourage better cooperation between relevant stakeholders, including between cybersecurity civilian and defence sectors.
This cooperation will help stakeholders to make the best use of existing cybersecurity resources and expertise spread across Europe. The initiative builds on the expertise that already exists in more than 660 cybersecurity expertise centres from all Member States who responded to a survey conducted by the European Commission in 2018.
The initiative should help the EU and Member States take a proactive, longer-term and strategic perspective to cybersecurity industrial policy going beyond research and development only. This approach should help not only to come up with breakthrough solutions to the cybersecurity challenges which the private and public sectors are facing but also support the effective deployment of these solutions.
It will allow relevant research and industrial communities as well as public authorities to gain access to key capacities such as testing and experimentation facilities, which are often beyond the reach of individual Member States due to insufficient financial and human resources. Furthermore, the initiative will contribute to closing the skills gap and to avoiding a brain drain by ensuring access of the best talents to large-scale European cybersecurity research and innovation projects and therefore providing interesting professional challenges.
Network of National Coordination Centres
Each Member State will nominate one National Coordination Centre. They will function as contact points at the national level for the Competence Community and the Competence Centre. They are the "gatekeeper" for the Community in their country support to carry out actions under this Regulation, and they can pass on financial support to national/local ecosystems.
The Cybersecurity Competence Community
This Community will involve a large, open, and diverse group of actors involved in cybersecurity technology, including in particular research entities, supply/demand-side industries and the public sector. It will provide input to the activities and work plan of the Competence Centre. And, it will benefit from the community-building activities of the Competence Centre and the Network.
The European Cybersecurity Industrial, Technology and Research Competence Centre
The Competence Centre will facilitate and help coordinate the work of the Network and nurture the Cybersecurity Competence Community, driving the cybersecurity technological agenda and facilitating common access to the expertise of national centres. The Competence Centre will in particular do so by implementing relevant parts of the Digital Europe and Horizon Europe programmes by allocating grants and carrying out procurements.
Tasks and objectives
The Competence Centre will seek to achieve its overall mission by:
- setting up and helping to coordinate the National Coordination Centres Network and the Cybersecurity Competence Community;
- implementing cybersecurity-related financial support from Horizon Europe and Digital Europe Programmes.
This will feed into the following objectives:
- contributing to the wide deployment of the latest cybersecurity technology, in particular through carrying out or supporting procurement of products and solutions;
- providing financial support and technical assistance to cybersecurity start-ups and SMEs to connect them to potential markets and to attract investment;
- supporting research and innovation based on a comprehensive industrial and research agenda, including large-scale research and demonstration projects in next-generation cybersecurity capabilities;
- driving high cybersecurity standards not only in technology and cybersecurity systems but also in skills development;
- facilitating the cooperation between the civil and defence spheres with regard to dual use technologies and applications, and enhancing civil-defence synergies in relation to the European Defence Fund.
The Centre’s principal decision-making body is the Governing Board, in which all Member States take part but only those Member States which participate financially have voting rights. The voting mechanism in the Governing Board is proposed as a double majority principle requiring 75% of the financial contribution and 75% of the votes. In view of its responsibility for the Union budget, the European Commission holds 50% of the votes. The Governing Board is assisted by an Industrial and Scientific Advisory Board to ensure regular dialogue with the private sector, consumers’ organisations and other relevant stakeholders.
The European Commission proposes that the Competence Centre is funded jointly by the European Union and the participating Member States through financial contributions.
The European Commission has placed cybersecurity high on the agenda for the next long-term EU budget for years 2021-2027. Under the new Digital Europe programme the European Commission proposed in 2018 to invest €2 billion into safeguarding the EU's digital economy, society and democracies through polling expertise, boosting EU's cybersecurity industry, financing state-of-the-art cybersecurity equipment and infrastructure. Cybersecurity research and innovation will additionally be supported under the Horizon Europe programme.
The Competence Centre and Network will also seek to achieve synergies with other relevant EU programmes where appropriate.
The participating Member States should match the EU's financial contribution with investments of the same amount in line with their priorities and with co-financing of the running costs of the Centre and the Network.
The concrete funding priorities will be established as part of the Competence Centres annual Work Plan, which will be adopted by the Governing Board after having received input from the Industrial and Scientific Advisory Group.
It is envisioned that the bulk of the funding will be allocated through open calls for proposals and calls for tender. Stakeholders know this system from the past Research and Innovation Framework Programmes. In these cases, the Competence Centre will manage and eventually disburse financial support to recipients, which would typically be academic and research entities, industrial companies, or public authorities.
The Competence Centre will also seek to promote joint procurement of strategic cybersecurity infrastructures and tools together with one or several other entities – typically public authorities.
Some funding will be made available directly to National Coordination Centres for them to carry out tasks under this Regulation.
National Coordination Centres will also be able to financially support their respective national ecosystems through the use of so-called cascading grants.