Cybersecurity centre gets ready to direct EU research

Following its formation in 2021, the European Cybersecurity Competence Centre (ECCC) is on the verge of operating autonomously and is poised to take on the management of Horizon Europe grants in this area.

That will bring the centre closer to the founding ambition of pooling investment in research, development and deployment and creating a single European ecosystem, to strengthen Europe’s cyber defences and coordinate planning by Horizon Europe and the Digital Europe Programme (DEP).

Later this year ECCC will take on the implementation of Horizon Europe cybersecurity calls, with the European Commission handing over this function once the centre is financially independent.

Cybersecurity research accounts for around a third of spending in Cluster 3 of Horizon Europe’s, ‘Civil security for society’, which has a budget of €60.4 million in 2024. The ECCC is currently supporting the directorate general for communications, DG Connect, in implementing the calls, and there is no date yet for the full transfer to the ECCC.

Recent years have seen a surge in cyberattacks on critical infrastructure such as hospitals and energy grids. While new laws including the Cyber Resilience Act and the EU Cyber Solidarity Act focus on setting stricter rules for digital products and on deploying them, research and innovation has a key role to play as threats grow more sophisticated.

“Technology is becoming so pervasive that we need in parallel to ensure there is a good level of protection, not just on the financial market which has been historically better protected, but in the health sector, in transportation, and so on,” ECCC executive director Luca Tagliaretti told Science|Business.

The ECCC’s governing board is made up of representatives from member states and the Commission, but Tagliaretti wants to interact with industry as much as possible when setting priorities, and to help create partnerships. The centre places great importance on supporting SMEs. “These are companies which don’t have the resources necessary to be protected,” he said.

When it comes to the development of new cybersecurity technologies, he doesn’t believe Europe is in a bad position, but says it needs to step up efforts to remain competitive. “You need to keep running to ensure that you’re not falling behind,” Tagliaretti said.

The ECCC is supported by 27 National Coordination Centres (NCCs) that facilitate exchanges between government, industry and researchers at a national level, and make it easier to identify partners for transnational projects. They will provide feedback to the ECCC about which areas should be funded.

The centre has already taken on the management of four DEP grants, supporting 113 projects across Europe, and it hopes to have distributed €700 million in funding by the end of the year. DEP is focused on the deployment of digital technologies, with the EU covering 50% of the project costs.

The ECCC will also interact with other programmes that have a cyber element, including the European Defence Fund (EDF), in order to avoid duplication. EDF recently published its calls for 2024, including a €48 million call for the development of a next-generation cooperative cyber range – a virtual environment used for training or technological development.

Providing a link

Having NCCs to act as focal points in member states is a good idea, and while some countries such as Belgium and Italy quickly got behind the concept, the rest are now catching up, said Matteo Merialdo, of Belgian cybersecurity company Nexova.

He believes the ECCC will play an important role in providing a link between Horizon Europe and DEP, avoiding overlap between research topics and bringing the ecosystem together. “Coordination is essential because there are branches of knowledge where the efforts of a single member state are not enough to compete in a global market,” he said.

European programmes can help to create the critical mass needed to address the EU’s dependence on US cybersecurity products. “I don’t think we have anything to envy the US from a knowledge perspective, but from a coordination perspective there is definitely still an important gap,” Merialdo said.

Merialdo was project manager for ECHO, one of four Horizon 2020 pilot projects set up to lay the groundwork for the ECCC. ECHO brought together 32 partners and 15 affiliated partners to work on specific research topics including simulation and cyber ranges.

In the case of Horizon cybersecurity calls, the networking aspect is even more important than the technology, Merialdo said. Half of the ECHO consortium has come back together for an EDF project, ACTING, which builds on the work of the Horizon 2020 project.

Emerging threats

The European Union Agency for Cybersecurity (ENISA) is also responsible for strengthening cooperation across the continent. In 2019, it was given an expanded mandate under the EU Cybersecurity Act, including a new role in monitoring research and development activities across academia and industry, and advising EU bodies on research needs.

Prokopios Drogkaris, a cybersecurity expert at ENISA, says research and innovation funding is essential to address emerging threats. “As technology moves, so the countermeasures should be able to move at the same pace if not quicker, and for that you need to have at the European level the possibility to proactively anticipate and react to forthcoming threats,” he said.

Drogkaris welcomes the importance given to cybersecurity in the Horizon Europe strategic plan for 2025-2027, which states that further investment is needed in response to “the growing number of incidents in cyberspace and the current geopolitical context”.

There are major technologies, including cloud data storage, digital twins, metaverse applications and artificial intelligence deployment and the transition to post-quantum cryptography, which must be protected. “The cybersecurity of emerging technologies needs to be ensured,” the 2025 – 2027 plan says.

ENISA publishes an annual report on the threat landscape and Drogkaris says recent years have seen a significant increase in terms of malware, misinformation, but also threats against supply chains and denial of service attacks that attempt to overload a network so that it becomes inaccessible. The threat has been exacerbated by ongoing wars and geopolitical tensions.

As Russia’s invasion of Ukraine potently illustrates, cyberattacks are a prominent feature of modern warfare, and many new technologies can have both civil and military applications. One of the ECCC’s objectives is to facilitate cooperation between the civil and defence sectors, although Tagliaretti says the budget for dual-use technologies is small and yet to be fully exploited. “To do that we need to build a relationship with the European Defence Agency, and maybe with NATO,” he said.

The European Commission wants to step up support for dual-use technologies, and is considering reviewing the exclusive civilian clause in parts of Horizon Europe’s successor programme, with cybersecurity one area that could specifically be targeted by new rules.