We value your privacy

We use cookies to enhance your browsing experience and analyze traffic anonymously for internal statistical purposes. By clicking “Accept all,” you consent to the use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site.... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

  • Cookie
    cookieyes-consent
  • Duration
    1 year
  • Description

    CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about site visitors.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

  • Cookie
    language
  • Duration
    1 anno
  • Description

    This cookie is used to store the user's language preference.

  • Cookie
    post_viewed_
  • Duration
    1 ora
  • Description

    This cookie prevents a single visit to an article from being counted multiple times when the page is refreshed.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

  • Cookie
    _ga_*
  • Duration
    1 anno 1 mese 4 giorni
  • Description

    Google Analytics sets this cookie to count visitors to the page

  • Cookie
    _ga
  • Duration
    1 anno 1 mese 4 giorni
  • Description

    Google Analytics sets this cookie to calculate visitor, session, and campaign data and track site usage for site analytic reporting. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Legal Security

EU Cyber Solidarity Act: strengthening EU cyber security 

Il Cyber Solidarity Act rafforza la cyber security in Europa con un meccanismo di emergenza, hub nazionali e transfrontalieri e una riserva UE per gli incidenti informatici.

Preventing and responding to cyber attacks

28 February 2025

Table of contents

  • A concrete response to cyber threats in Europe 
  • National and cross-border hubs: the new operational centers 
  • Cyber Security Emergency Mechanism: a new crisis response system 
  • EU Cyber Security Reserve: A pool of experts for Europe’s security
  • The role of the Cyber Security Act amendment
  • A Ppradigm shift in European cyber security

The European Union has approved the Cyber Solidarity Act, a new regulation designed to enhance the ability to detect, prevent, and respond to cyberattacks. Regulation (EU) 2025/38 was officially adopted on December 19, 2024, and published in the Official Journal of the European Union on January 15, 2025

Titled the “Regulation establishing measures to strengthen Union solidarity and capacities for detecting, preparing for, and responding to cyber security threats and incidents, and amending Regulation (EU) 2021/694 (Cyber Solidarity Regulation)”, this law aims to improve cooperation among EU Member States by creating shared infrastructures and operational tools to address cyber security threats on a European scale

As part of a broader cyber security package, the regulation also includes an amendment to the 2019 Cyber Security Act, aiming to standardize cyber security services and promote collaboration between public and private entities. 

With the rising number of cyber incidents, the Cyber Solidarity Act introduces a Cyber Security Emergency Mechanism, new operational centers, and a EU Cyber Security Reserve, all of which are fundamental to ensuring stronger protection for critical infrastructure. 

A concrete response to cyber threats in Europe 

In recent years, cyberattacks have increased in frequency and complexity, targeting essential infrastructures such as energy grids, hospitals, and financial institutions. The risk of large-scale cyber security incidents has pushed the EU to adopt a more coordinated and proactive approach. 

The Cyber Solidarity Act is a significant step toward building a more resilient European cyber security system, capable of addressing both national and cross-border threats using advanced prevention and response tools. 

National and cross-border hubs: the new operational centers 

One of the central elements of the Cyber Solidarity Act is the creation of a network of national and cross-border hubs dedicated to cyber security. These operational hubs, spread across member states, will be tasked with monitoring cyber threats in real time, sharing critical information, and coordinating responses to cyber attacks.

The primary objective is to develop a digital security infrastructure that goes beyond national borders, ensuring a collective defense against cyber incidents. Given the increasing interconnection of European infrastructures—from energy networks to healthcare systems—a national and cross-border approach is necessary for effective threat management. 

The role of national hubs in European cyber security 

Each Member State will establish a national cyber security hub, which will serve as a local reference point for cyber security. These hubs will have the following core functions: 

  • Threat monitoring
    Collecting and analyzing cyberattack data to detect recurring patterns and new cybercriminal techniques. 
  • Prevention and mitigation
    Identifying vulnerabilities in national IT systems and implementing advanced protective measures. 
  • Support for public and private entities
    Assisting critical infrastructures, businesses, and institutions in adopting effective security strategies. 
  • Coordination with ENISA
    National hubs will collaborate with the European Union Agency for Cyber Security (ENISA) to ensure a harmonized response to threats across Europe. 

This decentralized network will help Member States strengthen their cyber resilience while maintaining autonomyover security resources and strategies. 

Cross-border cyber hubs: enhancing EU-wide cooperation 

In addition to national hubs, the Cyber Solidarity Act also establishes cross-border cyber hubs, which will be jointly managed by multiple EU countries

These transnational hubs will: 

  • Coordinate cyber incident response at the EU level, ensuring real-time information sharing between affected countries.;
  • Utilize advanced technologies such as artificial intelligence and big data analytics to detect emerging threats;
  • Support joint cyber security operations across multiple Member States during large-scale cyber incidents;
  • Facilitate knowledge and resource sharing, strengthening collaboration between cyber security teams across different nations. 

Each cross-border hub will include at least three Member States, ensuring high-level cooperation and synergy between national authorities. This initiative is a major step toward creating a unified and integrated EU-wide cyber security system. 

Technologies and tools supporting the hubs 

To operate effectively, national and cross-border hubs will leverage cutting-edge technologies, including: 

  • Data-sharing platforms among EU countries, based on high-security standards;
  • Machine learning and artificial intelligence to analyze large volumes of data and identify anomalies;
  • Cyber ranges to simulate attacks and test cyber security teams’ response capabilities. 

These tools will make the national hubs crucial not only for incident response but also for proactive threat prevention

Public-private collaboration: a key factor for cyber security 

The Cyber Solidarity Act emphasizes the importance of public-private partnerships in strengthening European cyber security. 

Technology companies, security service providers, and critical infrastructure operators will play an active role in the EU cyber security network, sharing information about emerging threats and receiving support during attacks. 

This collaboration is essential to protect strategic sectors, such as: 

  • Energy
    Electric grids, nuclear plants, oil and gas pipelines
  • Transport
    Airports, railways, ports, smart traffic systems
  • Healthcare
    Hospitals, digital pharmacies, electronic health records
  • Financial services
    Banks, insurance companies, electronic payment systems

By integrating public and private efforts, the EU aims to develop a resilient and adaptive cyber security ecosystem

Cyber Security Emergency Mechanism: a new crisis response system 

One of the most innovative elements of the Cyber Solidarity Act is the introduction of the Cyber Security Emergency Mechanism, a system designed to ensure rapid and effective intervention in the event of large-scale cyber attacks.

In recent years, cyber incidents have shown how devastating digital threats can have consequences, not only for critical infrastructure, but also for the economy and the security of European citizens. The cross-border nature of many attacks requires a coordinated response among member states, overcoming the limitations of individual national approaches.

The Cyber Security Emergency Mechanism was created precisely to address this challenge, ensuring that the European Union can act promptly in the face of crisis situations, reducing response times and potential damage.

How does the Cyber Security Emergency Mechanism work? 

The mechanism is structured around three key pillars: 

Threat detection and prevention 

  • Continuous monitoring of vulnerabilities in critical sectors (energy, transport, healthcare, finance);
  • Advanced threat analysis using AI and threat intelligence technologies;
  • Real-time information sharing through national and cross-border hubs

Rapid cyber incident response 

  • Immediate deployment of expert teams and technical resources to contain attacks; 
  • Implementation of standardized security protocols for a coordinated member sates EU-wide response;
  • Activation of the EU Cyber Security Reserve, composed of certified security providers ready to support emergency operations. 

Post-attack recovery and resilience 

  • Assistance to affected infrastructures for service restoration;
  • Post-incident assessments to strengthen long-term security; 
  • Continuous training to ensure public and private organizations are prepared for future threats. 

Who decides when to activate the mechanism? 

The Cyber Security Emergency Mechanism follows a structured activation process

  • Incident detection
    A major cyberattack is reported by a cyber security center or national agency. 
  • Risk assessment
    ENISA and national authorities analyze the threat level and determine if EU-wide intervention is necessary. 
  • EU Cyber Security Reserve Deployment
    If the incident is classified as a critical threat, the resources of the EU Cyber Security Reserve, which include experts, technology tools and certified vendors, are mobilized.
  • Coordinated response
    Emergency teams work with Member States to contain the attack and restore operations. 

A proactive, not just reactive system

Unlike other IT crisis management systems, the Cyber Security Emergency Mechanism does not merely intervene after an attack but includes a strong component of prevention and preparedness.

The European Union has allocated specific funding for:

  • Simulation tests and stress tests to assess the resilience of critical infrastructure;
  • Training and awareness programs to enhance the preparedness of cyber security professionals;
  • Development of common standards to ensure a uniform level of protection across all member states.
Official Journal of the European Union

EU Cyber Security Reserve: A pool of experts for Europe’s security

Another innovative element is the creation of the EU Cyber Security Reserve, a group of certified service providers that can be activated in case of an emergency.

This reserve will allow EU member states to access highly specialized resources for handling cyber incidents, preventing delays in damage mitigation operations.

Operators within the EU Cyber Security Reserve must comply with strict security standards and guarantee the availability of:

  • Advanced detection tools;
  • Large-scale operational support;
  • Coordinated response procedures across multiple countries.

The role of the Cyber Security Act amendment

In parallel with the Cyber Solidarity Act, the EU has introduced an update to the 2019 Cyber Security Act. This amendment aims to:

  • Standardize certification for cyber security services;
  • Create a single market for Managed Security Services (MSS);
  • Strengthen trust between businesses and certified security providers.

The goal is to ensure that all entities involved in protecting critical infrastructure adhere to the same high-security standards.

A Ppradigm shift in European cyber security

The adoption of the Cyber Solidarity Act marks a turning point in the European Union’s approach to cyber security. The focus is no longer solely on incident response but also on preparation and prevention, with greater coordination among member states.

Investing in cyber security has become a strategic priority for the EU—not only to protect infrastructure and citizens but also to enhance the global competitiveness of Europe’s tech sector.

The success of this new framework will depend on the ability of member states to collaborate effectively, implementing the new measures with a unified approach.

Questions and answers

  1. What is the Cyber Solidarity Act? 
    It is a European regulation approved to enhance cyber security and strengthen cooperation among Member States in managing cyber threats. 
  1. When was the Cyber Solidarity Act approved? 
    The regulation was proposed in April 2023 and was officially approved in January 2025. 
  1. What is the objective of the Cyber Solidarity Act? 
    To create a coordinated European system for detecting, preventing, and responding to large-scale cyberattacks. 
  1. What are national and cross-border hubs? 
    They are operational centers dedicated to monitoring cyber threats and sharing information among Member States. 
  1. What does the Cyber Security Emergency Mechanism involve? 
    It is a system that enables an immediate response to cyber security crises by coordinating resources across EU countries. 
  1. What is the EU Cyber Security Reserve? 
    It is a pool of certified cyber security service providers that can be activated in case of emergency to support Member States. 
  1. What is the difference between the Cyber Solidarity Act and the Cyber Security Act? 
    The Cyber Solidarity Act introduces new emergency measures, while the 2019 Cyber Security Act regulates the certification of cyber security services. 
  1. What benefits does the Cyber Solidarity Act bring to European businesses? 
    Greater protection against cyberattacks, higher security standards, and a more integrated market for cyber security services. 
  1. Does the Cyber Solidarity Act provide funding for cyber security? 
    Yes, the Digital Europe Programme has been expanded with over €800 million allocated to cyber security. 
  1. What are the challenges in implementing the Cyber Solidarity Act? 
    Ensuring effective collaboration among Member States and guaranteeing that the new measures are uniformly applied. 

5
To top