This cluster assesses the capacity of Member States to raise awareness of cybersecurity risks and threats and to strengthen cyber-resilience and hygiene. It also evaluates their ability to continuously develop cybersecurity capabilities and enhance the overall level of knowledge and skills within this domain. Furthermore, it addresses improvements in incident preparedness and response as well as advancements in cybersecurity R&D.

This cluster evaluates cooperation and information sharing between different stakeholders at both the national and international level (including as part of mutual assistance processes), recognising it as an important tool for better understanding and responding to a constantly changing threat environment. It also assesses the capacity of Member States to address and counter the cybercriminal activities.

This cluster measures the capacity of Member States to establish effective governance and good practices in the cybersecurity domain. It considers various aspects of national cybersecurity governance, risk assessment and management, while supporting the development of crisis management and incident reporting mechanisms, and fostering trust in public services and digital identities.

This cluster measures the capacity of Member States to establish the necessary regulatory and policy instruments to improve supply chain cybersecurity, promote active cyber protection, and to safeguard critical information infrastructure. It also assesses their capacity to create a policy framework for Coordinated Vulnerability Disclosure or a regulatory framework that balances security with privacy.