EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • European Cybersecurity Reserve: The Union Builds a Common Shield
    • Home
    • Cybersecurity
    • European Cybersecurity Reserve: The Union Builds a Common Shield

    European Cybersecurity Reserve: The Union Builds a Common Shield

    Written by
    Fabrice Deblock
    10.20.25
    Cybersecurity Digital transformation
    04
    MIN
    European Cybersecurity Reserve: The Union Builds a Common Shield
    European Cybersecurity Reserve: The Union Builds a Common Shield
    European Cybersecurity Reserve: The Union Builds a Common Shield
    Image From theory to practice: Belgium’s experience implementing the NIS2 directive
    Cybersecurity
    03.02.26 Cybersecurity
    Next article
    From theory to practice: Belgium’s experience implementing the NIS2 directive
    Read
    08
    MIN
    Image Chinese Cyber-Espionage Group Exploits Critical 0-Day in Dell RecoverPoint
    Cybersecurity
    02.19.26 Cybersecurity
    Next article
    Chinese Cyber-Espionage Group Exploits Critical 0-Day in Dell RecoverPoint
    Read
    02
    MIN
    Image Cyberattacks Targeting the Defense Industrial Base Are Increasing
    Cybersecurity
    02.17.26 Cybersecurity
    Next article
    Cyberattacks Targeting the Defense Industrial Base Are Increasing
    Read
    01
    MIN
    Image United States: Joshua Rudd could be appointed to lead Cyber Command and the NSA
    Cybersecurity
    02.13.26 Cybersecurity
    Next article
    United States: Joshua Rudd could be appointed to lead Cyber Command and the NSA
    Read
    01
    MIN
    With a budget of €36 million, the European Cybersecurity Reserve now brings together 45 service providers. In the event of a major crisis, it is designed to act as a reinforcement team ready to be deployed. Its management has been entrusted to the EU Agency for Cybersecurity (ENISA).

    The European Cybersecurity Reserve is arguably the most tangible instrument of the Cyber Solidarity Act, the European regulation adopted by the EU Council in December 2024 and entered into force in February 2025. Supervised by the EU Agency for Cybersecurity (ENISA), the Reserve is funded with €36 million.

    This budget complements ENISA’s annual funding (€26.9 million for 2025) and will be used for operational purposes over a three-year period. The initiative lays the groundwork for a genuine European response capability and aims to support Member States facing major incidents affecting their critical infrastructures.

    45 European Providers Already Selected

    The Reserve is made up of technical teams from 45 private European providers. These companies were selected by ENISA following a public call for tenders in 2025, in accordance with Article 14 of the Cyber Solidarity Act. Together, they form a pool of trusted managed security service providers, able to intervene rapidly when required.

    To qualify, companies must be established in an EU Member State and/or controlled by EU nationals. This requirement is verified through an Ownership Control Assessment (OCA) to ensure that the Reserve remains free from any non-European influence. Selected providers must also demonstrate proven incident-response capabilities, crisis-management maturity and compliance with NIS2, ISO 27001 or other relevant European standards. Additional criteria include 24/7 availability, confidentiality guarantees and rapid-response capacity.

    Among the 45 providers selected in 2025 are SMEs, mid-caps, large groups and consortia such as Airbus Protect (France), Spike Reply (Germany), the CINI (Consorzio Interuniversitario Nazionale per l’Informatica, Italy) and the CSA (Centro Regional de Servicios Avanzados, Spain). Each provider can be mobilized at the request of Member States or CERT-EU.

    Main Target: Operators of Critical Sectors

    The services of the European Cybersecurity Reserve are intended for operators in critical sectors defined by the NIS2 directive, as well as EU institutions, bodies, offices and agencies. These services may also be requested by third countries associated with the Digital Europe Programme (DEP), whose agreements include access to the Reserve.

    In practice, ENISA examines support requests submitted by national cyber-crisis management authorities and/or their CSIRTs. For EU institutions, requests are handled by CERT-EU. For countries associated with the Digital Europe Programme, ENISA forwards the requests to the European Commission.

    In cooperation with the Commission and EU-CyCLONe (European Cyber Crisis Liaison Organisation Network), ENISA has developed a mechanism to streamline the submission and handling of such requests.

    Pre-contracted services within the Reserve may, under the Cyber Solidarity Act and relevant contracts, be converted into preparedness services for prevention and incident response when not used for active crisis response — ensuring an efficient use of EU funds.

    A Fully Operational Mechanism by the End of 2025

    The European Commission’s objective is to make the Reserve fully operational by the end of 2025. The three-year funding period, part of the Digital Europe Programme 2025-2027, is designed to consolidate the contractual framework and test initial cross-border deployments. Coordination exercises will be organized to assess reactivity and coherence between providers and Member States before the mechanism reaches full capacity.

    With the European Cybersecurity Reserve, the European Union takes a decisive step toward tangible digital solidarity. Both operational and strategic, this initiative marks the first attempt to pool European response capabilities against major cyberattacks. By mobilizing qualified European providers, selected on the basis of sovereignty and reliability criteria, the Union reaffirms its ambition to build a trusted and resilient defense ecosystem.

    Beyond its technical scope, the Reserve reflects a political evolution: that of a Europe no longer content to harmonize rules, but ready to act collectively. Its operational rollout by the end of 2025 will serve as a real-world test of coordination between Member States, EU institutions and private actors. If successful, the initiative could become one of the cornerstones of Europe’s strategic autonomy in cybersecurity — alongside its defense and civil-security frameworks.

    Focus: The Cyber Solidarity Act

    The Cyber Solidarity Act (Regulation (EU) 2025/38) was designed to organize a coordinated response to major cyber incidents within the European Union. It rests on several complementary pillars:
    The European Cybersecurity Shield, a network of interconnected operational centers (CSIRTs, CERTs) for the detection, analysis and rapid sharing of cyber-threat alerts and information.
    The Cybersecurity Emergency Mechanism, which structures joint preparedness, coordination and cybersecurity exercises to strengthen collective resilience before a crisis occurs
    The European Cybersecurity Reserve, dedicated to immediate response, mobilizing specialized providers for rapid intervention during critical incidents.

    Together, these three components form a complete defense chain — from detection and reporting to response and remediation — ensuring comprehensive coverage against cyber threats.

    Fabrice Deblock
    10.20.25
    Articles by the same author:
    1
    03.02.26 Cybercrime
    Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Read
    05
    MIN
    2
    02.19.26 Cyber +
    Cyber startups: 10 tips for moving from concept to commercialization
    Read
    08
    MIN
    3
    02.09.26 Cybersecurity
    Cybersecurity for mid-sized companies: from awareness to strategic structuring
    Read
    05
    MIN
    4
    01.15.26 Cybercrime
    Hyper-Volumetric DDoS Attacks: The Threat Reaches a New Scale
    Read
    07
    MIN
    Image From theory to practice: Belgium’s experience implementing the NIS2 directive
    Cybersecurity
    03.02.26 Cybersecurity
    Next article
    From theory to practice: Belgium’s experience implementing the NIS2 directive
    Read
    08
    MIN
    Image Chinese Cyber-Espionage Group Exploits Critical 0-Day in Dell RecoverPoint
    Cybersecurity
    02.19.26 Cybersecurity
    Next article
    Chinese Cyber-Espionage Group Exploits Critical 0-Day in Dell RecoverPoint
    Read
    02
    MIN
    Image Cyberattacks Targeting the Defense Industrial Base Are Increasing
    Cybersecurity
    02.17.26 Cybersecurity
    Next article
    Cyberattacks Targeting the Defense Industrial Base Are Increasing
    Read
    01
    MIN
    Image United States: Joshua Rudd could be appointed to lead Cyber Command and the NSA
    Cybersecurity
    02.13.26 Cybersecurity
    Next article
    United States: Joshua Rudd could be appointed to lead Cyber Command and the NSA
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.