This post summarizes organizations within or close to European Union (EU) that are related to information security or cybersecurity.
List of European Union Cybersecurity Public Organizations
Non-exhaustive list of European Union Cybersecurity Public Organizations:
- European Commission
The European Commission is the European Union politically independent executive arm.
It designed a EU Cybersecurity Strategy. You can find more details about this strategy on this link.
The Network and Information Security (NIS) Directive (2016) was promoted by the European Commission on this strategy context. NIS 2 Directive is under development, as of October 2022. You can find more about NIS Directive on this link.
The Digital Operational Resilience Act (DORA) regulates the information and communication technologies (ICT) security on the financial market. As of October 2022, it has not approved yet. You can read more about DORA on this link.
European Union Agency for Cybersecurity (ENISA) is the Union’s agency dedicated to achieving a high common level of cybersecurity across the member countries. More info about ENISA on this exteral link.
ENISA was established in 2004. It is regulated through EU’s Cybersecurity Act (Regulation EU 2019/881).
Before EU 2019/881, it was regulated by (from newer to older):
- Regulation (EU) No 526/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460/2004 Text with EEA relevance
- Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency (Text with EEA relevance)
Its offices are located in Athens and Heraklion, Greece.
It publishes yearly the ENISA Threat Landscape Report (ETL). You can find it on this link.
ENISA provides support to the implementation of NIS Directive.
European Cybersecurity Competence Centre (ECCC) is sometimes referred as European Cybersecurity Network and Cybersecurity Competence Centre.
It helps the EU retain and develop cybersecurity technological and industrial capacities. Unlike ENISA, ECCC is not a formal agency of the European Union.
The objectives of ECCC are:
- Funding new cybersecurity research, providing financial support and technical assistance to cybersecurity start-ups and European small- and medium-sized enterprises, as well as promoting cybersecurity standards not only in technology and systems but skills development;
- Improving the coordination of research and innovation in cybersecurity and cyber-threat intelligence across the EU and will head up a network of “national coordination centers” (Cyber-NCCs) and will also support the EU’s digital operational resilience efforts for traditional financial services and crypto-asset services providers. Cyber-NCCs will also be responsible for allocating grants and carrying out procurement requests in order to nurture a pan-European “cybersecurity community”.
ECCC was established in 2021, and it is regulated in Network Information Security Directive (NIS2) and Decision (EU) 2021/4.
Its office is based in Bucharest, Romania.
Each state member of the European Union has a National Coordination Centre (NCC). You can check the list on this link.
The National Coordination Centre of Spain is NCC-ES at INCIBE.
List of private organizations working with the European Union
In addition to the public organizations within the European Union government, there are other private organizations that work with them.
Non-exhaustive list of private organizations working with the European Union:
European Cyber Security Organisation (ECSO) is not a public institution, but a private non-for-profit organisation. It works in partnership with European Commission for the implementation of a Cybersecurity Public-Private Partnership (cPPP), that was signed on 2016, the same year that ECSO was established. More info about ECSO on this link.
Its office is based in Brussels, Belgium.
European Organisation for Security (EOS) is not a public institution, but a private organisation. It was established in 2007. For more info about EOS, check this link.
It would be what is commonly known as a lobby, it means, a private organization whose goal is to influence in the actions, policies, or decisions of government officials by lawful means.
Its office is located in Brussels, Belgium.
European Union Cybersecurity Projects
CyberSec4Europe is a s a research and innovation pilot for the planned ECCC in Bucharest and the Network of cybersecurity expertise.
It is constituted as research-based consortium with a total of 44 participants (both public and private) from 21 EU Member States and associated countries. It has received scores of support letters and pledges of cooperation from public administrations, international organisations, and key associations worldwide, including Europe (e.g. ECSO), Asia, and North America.
You can find more info about CyberSec4Europe on this link.
Do you find that any EU organization is missing? Please leave a comment if this is the case.
You might be also interested in…
- L. Chitu et al; “Meet the ECCC – the EU’s new cybersecurity competence center“; JDSupra