CyberHUBs Capacity Building

Context

Europe’s rapid digital transformation has increased exposure to sophisticated and cross-border cyber threats, prompting the EU to reinforce its collective resilience through the Cyber Solidarity Act and the Digital Europe Programme. Within this effort, the ECCC’s 2026 Call 10 strengthens Europe’s cybersecurity infrastructure through two linked topics: DIGITAL-ECCC-2026-DEPLOY-CYBER-10-NCH — National Cyber Hubs, which will serve as national centres for cybersecurity data analysis and coordination, and DIGITAL-ECCC-2026-DEPLOY-CYBER-10-CBCH — Cross-Border Cyber Hubs, which will connect these nodes to enable real-time intelligence sharing and a unified EU-wide response.
Together, these hubs will enhance early threat detection, support protection of critical infrastructure, and advance a more sovereign, coordinated, and resilient European cybersecurity ecosystem.

Aims

DIGITAL-ECCC-2026-DEPLOY-CYBER-10-NCH — National Cyber Hubs:

• Establish or strengthen National Cyber Hubs equipped with advanced tools to monitor, analyse, and manage cyber events.
• Operate in close coordination with CSIRTs, ISACs, and other national cybersecurity entities.
• Leverage information from other domestic Cyber Hubs to enhance situational awareness and aggregated analysis.
• Provide early warnings to critical infrastructures based on a need-to-know approach.
• Potentially extend capabilities to monitor undersea infrastructure, including submarine cables.

DIGITAL-ECCC-2026-DEPLOY-CYBER-10- CBCH — Cross-Border Cyber Hubs:

• Establish and support new Cross-Border Cyber Hubs, while enabling collaboration with SOCs launched under previous DIGITAL programmes.
• Implement processes, tools, and services for prevention, detection, and analysis of emerging cyberattacks.
• Acquire or adopt common automation tools, shared processes, and EU-wide data infrastructures for exchanging contextualised, actionable cybersecurity information.
• Use open standards for cyber threat intelligence sharing (e.g., MISP Standard, CSAF, IntelMQ).
• Consider capabilities for monitoring undersea infrastructure, including submarine cables.

Eligibility Criteria

In order to be eligible, the applicants (beneficiaries and affiliated entities) must:

• be legal entities (public or private bodies)
• be established in one of the eligible countries, i.e.:
  • EU Member States (including overseas countries and territories (OCTs))
  • EEA countries (Norway, Iceland, Liechtenstein)

Targeted Stakeholders

• Public bodies
• National Cyber Hubs

Funding

• Total available funding: EUR 4.000.000
• Total Funding by topic: EUR 2.000.000
• Type of action and funding rate: Simple Grants — 50% funding rate

Timeline

• Call opening: 9 December 2025
• Deadline for submission: 28 May 2026 – 17:00:00 CET (Brussels)
• Evaluation: June – July 2026
• Information on evaluation results: July – August 2026
• GA signature: November 2026