European Union Cybersecurity Organizations

This post summarizes organizations within or close to European Union (EU) that are related to information security or cybersecurity.

List of European Union Cybersecurity Public Organizations

Non-exhaustive list of European Union Cybersecurity Public Organizations:

  • European Commission
  • ECCC

European Commission

The European Commission is the European Union politically independent executive arm.

It designed a EU Cybersecurity Strategy. You can find more details about this strategy on this link.

The Network and Information Security (NIS) Directive (2016) was promoted by the European Commission on this strategy context. NIS 2 Directive is under development, as of October 2022. You can find more about NIS Directive on this link.

The Digital Operational Resilience Act (DORA) regulates the information and communication technologies (ICT) security on the financial market. As of October 2022, it has not approved yet. You can read more about DORA on this link.


European Union Agency for Cybersecurity (ENISA) is the Union’s agency dedicated to achieving a high common level of cybersecurity across the member countries. More info about ENISA on this exteral link.

ENISA was established in 2004. It is regulated through EU’s Cybersecurity Act (Regulation EU 2019/881).

Before EU 2019/881, it was regulated by (from newer to older):

  • Regulation (EU) No 526/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460/2004 Text with EEA relevance
  • Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency (Text with EEA relevance)

Its offices are located in Athens and Heraklion, Greece.

It publishes yearly the ENISA Threat Landscape Report (ETL). You can find it on this link.

ENISA provides support to the implementation of NIS Directive.





European Cybersecurity Competence Centre (ECCC) is sometimes referred as European Cybersecurity Network and Cybersecurity Competence Centre.

It helps the EU retain and develop cybersecurity technological and industrial capacities. Unlike ENISA, ECCC is not a formal agency of the European Union.

The objectives of ECCC are:

  1. Funding new cybersecurity research, providing financial support and technical assistance to cybersecurity start-ups and European small- and medium-sized enterprises, as well as promoting cybersecurity standards not only in technology and systems but skills development;
  2. Improving the coordination of research and innovation in cybersecurity and cyber-threat intelligence across the EU and will head up a network of “national coordination centers” (Cyber-NCCs) and will also support the EU’s digital operational resilience efforts for traditional financial services and crypto-asset services providers. Cyber-NCCs will also be responsible for allocating grants and carrying out procurement requests in order to nurture a pan-European “cybersecurity community”.

ECCC was established in 2021, and it is regulated in Network Information Security Directive (NIS2) and Decision (EU) 2021/4.

Its office is based in Bucharest, Romania.

Each state member of the European Union has a National Coordination Centre (NCC). You can check the list on this link.

The National Coordination Centre of Spain is NCC-ES at INCIBE.

ECCC logo




List of private organizations working with the European Union

In addition to the public organizations within the European Union government, there are other private organizations that work with them.

Non-exhaustive list of private organizations working with the European Union:

  • ECSO
  • ESO


European Cyber Security Organisation (ECSO) is not a public institution, but a private non-for-profit organisation. It works in partnership with European Commission for the implementation of a Cybersecurity Public-Private Partnership (cPPP), that was signed on 2016, the same year that ECSO was established. More info about ECSO on this link.

Its office is based in Brussels, Belgium.

ECSO logo





European Organisation for Security (EOS) is not a public institution, but a private organisation. It was established in 2007. For more info about EOS, check this link.

It would be what is commonly known as a lobby, it means, a private organization whose goal is to influence in the actions, policies, or decisions of government officials by lawful means.

Its office is located in Brussels, Belgium.

EOS logo




European Union Cybersecurity Projects


CyberSec4Europe is a s a research and innovation pilot for the planned ECCC in Bucharest and the Network of cybersecurity expertise.

It is constituted as research-based consortium with a total of 44 participants (both public and private) from 21 EU Member States and associated countries. It has received scores of support letters and pledges of cooperation from public administrations, international organisations, and key associations worldwide, including Europe (e.g. ECSO), Asia, and North America.

You can find more info about CyberSec4Europe on this link.



Do you find that any EU organization is missing? Please leave a comment if this is the case.

You might be also interested in…

External references

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *