Preparedness Support and Mutual Assistance, Targeting Larger Industrial Operations and Installations

0 保存 · 0 分享 · 0 评论参与讨论

资助机构

Digital Europe Programme (DIGITAL)

European Commission

研究领域

Security

Data Security and Privacy

Network security

Trust

Cybersecurity-aware culture

Cybersecurity

截止日期

2025-01-21

基金规模

€35000000

申请资格

Conditions

1. Admissibility conditions: described in section 5 of the call document

Proposal page limits and layout: described in Part B of the Application Form available in the Submission System

2. Eligible countries: described in section 6 of of the call document

3. Other eligibility conditions: described in section 6 of the call document

4. Financial and operational capacity and exclusion: described in section 7 of the call document

5. Evaluation and award:

Award criteria, scoring and thresholds: described in section 9 of the call document

Submission and evaluation processes: described section 8 of the call document and the Online Manual

Indicative timeline for evaluation and grant agreement: described in section 4 of the call document

6. Legal and financial set-up of the grants: described in section 10 of the call document

Documents

Call document is accessible here

Standard application form — call-specific application form is available in the Submission System

Detailed budget table - available in the Submission System

DIGITAL EUROPE PROGRAMME General MGA v1.0

Guidance Classification of information in DIGITAL projects

Guidelines on How to Complete your Ethics Self-Assessment

WORK PROGRAMME - Cybersecurity Work Programme 2023-2024

Digital Europe - Regulation 2021/694

EU Financial Regulation 2018/1046

基金编号

DIGITAL-ECCC-2024-DEPLOY-CYBER-07-LARGEOPER

说明

ExpectedOutcome:

preparedness support services
threat assessment and risk assessment services
risk monitoring services

Objective:

This mechanism aims to complement and not duplicate efforts by Member States and those at Union level to increase the level of protection and resilience to cyber threats, in particular for large industrial installations and infrastructures, by assisting Member States in their efforts to improve the preparedness for cyber threats and incidents by providing them with knowledge and expertise.

Scope:

The provision of preparedness support services (ex-ante) shall include activities listed below, addressing for example large industrial installations or infrastructures, operators of essential services, digital service providers and governmental entities:

Support for testing for potential vulnerabilities:

Development of penetration testing scenarios. The proposed scenarios may cover Networks, Applications, Virtualisation solutions, Cloud solutions, Industrial Control systems, and IoT.
Support for conducting testing of essential entities operating critical infrastructure for potential vulnerabilities.
Support the deployment of digital tools and infrastructures supporting the execution of testing scenarios and for conducting exercises such as the development of standardised cyber-ranges or other testing facilities, able to mimic features of critical sectors (e.g., energy sector, transport sector etc.) to facilitate the execution of cyber-exercises, in particular within cross-border scenarios where relevant.
Evaluation and/or testing of MS cybersecurity capabilities (including capabilities to prevent, detect and respond to incidents).
Consulting services, providing recommendations on how to improve infrastructure security and capabilities

Support for threat assessment and risk assessment:

Threat Assessment process implementation and life cycle
Customised risk scenarios analysis.

Risk monitoring service:

Specific continuous risk monitoring such as attack surface monitoring, risk monitoring of assets and vulnerabilities.

Preparedness actions should benefit entities (including SMEs and start-ups) in sectors indicated as critical infrastructure sectors in NIS2 (Directive (EU) 2022/2555), such as energy, transport and banking, and entities in other relevant sectors.

This action aims at the creation of platforms that serve as a reference point and provide services such as penetration testing and threat assessments for providers of essential services and critical infrastructures, as well as other actors. This involves data and operational measure regarding cybersecurity, including penetration tests and exploitable vulnerabilities. Such information could be exploited by malicious actors, and thus it must be protected against possible dependencies and vulnerabilities in cybersecurity to pre-empt foreign influence and control. As previously noted, participation of non-EU entities entails the risk of highly sensitive information about security infrastructure, risks and incidents being subject to legislation or pressure that obliges those non-EU entities to disclose this information to non-EU governments, with an unpredictable security risk. Therefore, based on the outlined security reasons, the actions relating to these technologies are subject to Article 12(5) of Regulation (EU) 2021/694, in consistency with WP 2021/2022.

基金资源
Purdue Grant Writing Lab: Introduction to Grant Writing	打开链接
University of Wisconsin Writing Center: Planning and Writing a Grant Proposal	打开链接