Cross-Border Cyber Hubs

Expected Outcome:World-class Cross-Border Cyber Hubs across the Union for pooling data on cybersecurity threats between several Member States, equipped with a highly secure infrastructures and advanced data analytics tools for detecting, gathering and storing data on cybersecurity threats, analysing this data, and sharing and reporting CTI, reviews and analyses.Sharing of Threat Intelligence between National Cyber Hubs, and information sharing agreements with competent authorities and networks, including CSIRTs. Objective:The former Cross-border SOC platforms were financed during previous calls and such collaboration is envisaged for the Cross-Border Cyber Hubs. They should provide new additional capacity building upon and complementing existing SOCs/Cyber Hubs, Computer Security Incident Response Teams (CSIRTs), ISACs and other relevant actors.This action is aimed mainly at new Cross-Border Cyber Hubs. Supporting activities for the SOCs that were already launched under the previous DIGITAL work programmes (2021-2022 and 2023-2024)1 could also be included when relevant to ensure collaboration with the Cross-Border Cyber Hubs.In addition to setting up processes, tools and services for prevention, detection and analysis of emerging cyberattacks, the scope also covers the acquisition and/or adoption of common (automation) tools, processes and shared data infrastructures for the management and sharing of contextualised and actionable cybersecurity operational information across the EU. Well-established open standards for CTI sharing (e.g. MISP Standard2) or automation of advisory information (e.g. CSAF3) and cybersecurity related messages (e.g. by IntelMQ) should be considered. Cross-Border Cyber Hubs could also foresee the possibility to monitor undersea infrastructure, such as submarine cables.1 ENSOC and ATHENA consortia are already financed. 2 MISP Standard: https://www.misp-standard.org/. 3 Common Security Advisory Framework (CSAF): Machine-processable format enabl