EU Cybersecurity Reserve

Content

The EU Cybersecurity Reserve will provide trusted cybersecurity services to support EU entities in responding to and recovering from major cyber incidents.

Purpose and scope

The EU Cybersecurity Reserve has been established to assist, upon request, EU Member States, EU Institutions, Bodies and Agencies (EUIBAs), and, where applicable, DEP-associated third countries in responding to  (or supporting responses to) cybersecurity incidents. The Reserve will therefore primarily cover ex-post incident response services.

To ensure the effective use of Union funding, pre-committed services may, in line with the relevant contract, be converted into preparedness services (focused on incident prevention and response) if they are not used for incident handling.

ENISA's role

Once formally appointed as the contracting authority, ENISA will:

  • Procure services for the Reserve,
  • Assess requests for support from Member States’ cyber crisis management authorities and CSIRTs, and
  • Respond to requests from CERT-EU on behalf of Union institutions, bodies, offices, and agencies.

Benefits and Trusted Providers

The EU Cybersecurity Reserve could also contribute to strengthening the competitive position of industry and services in the Union across the digital economy, including microenterprises, SMEs and start-ups, by providing incentives for investment in research and innovation. ENISA looks forward to cooperating with such companies to increase the competitiveness of the EU cybersecurity market.

Trusted managed security services providers selected to be included in the EU Cybersecurity Reserve have all successfully passed the ownership control assessment (OCA) conducted to determine whether they are directly or indirectly controlled by Member States or by nationals of Member States (or by entities or nationals of specified eligible countries).

Funding and Background

The EU Cybersecurity Reserve is part of the Digital Europe Work Programme 2025-2027, which allocates EUR 36 million to enhance response and reporting for cyber threats and incidents across the EU.

The EU Cyber Solidarity Act, which came into force in February 2025, provides the legal basis for the Reserve. Services are delivered by trusted cybersecurity experts to support response and recovery during significant or large-scale incidents.

Given ENISA’s extensive experience with the Cybersecurity Support Action, the European Commission entrusted the Agency with the operation and administration of the Reserve.

Back to main topic