This platform is optimized to be used in landscape mode

EU Framework and Resources for Cybersecurity of SMEs (EQF: 3-5)

|    Feedback form    |       Play Audio    |    Download content: /

Learning Outcomes

Objectives and goalsClick to read  

At the end of this module you will be able to:

  • Understand the EU cybersecurity policy (its evolution and actors involved)
  • Learn how the EU supports SMEs in the area of cybersecurity
EU Framework and Resources for Cybersecurity of SMEs

SMEs and Cybersecurity in Europe: the contextClick to read  
Evolution of the EU cybersecurity policyClick to read  
EU Institutional architecture in cybersecurityClick to read  

Strand 1 - Cyber crime Strand 2 - Critical information infrastructures protection (CIIP) Strand 3 - Cyber defence
• Justice & Home affairs mandate • Internal Market mandate • Common Security and Defence Policy mandate
• Protection of cybersecurity internally • Security of essential utilities and services for business continuity Protection of cybersecurity externally
• EU's shared competence • EU's exclusive competence • Intergovernmental issue


Level 1
EU institutions
Level 2
EU Agencies
Level 1
Member States

• European Commission
• DG Home
• DG Connect
• European External Action Service (EEAS)
• European Parliament
• EU Computer Emergency Response Team (CERT-EU)


• Europol – European Cybercrime Centre (EC3)
• European Union Agency for Cybersecurity (ENISA)
• European Defence Agency (EDA)


• National Cybercrime Units
• National CERTs NIS competent Authorities
• National Defence and Security Authorities


Source: Christou, G. (2016). Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy

Resources for SMEs Click to read  

• European Union Agency for Cybersecurity (ENISA) supports European SMEs on cybersecurity since 2006.

• Information Packages, reports, guides, guidelines on cybersecurity for SMEs freely available on the ENISA website. Some examples:


Key takeawaysClick to read  

  • The European Union has increased its competences in cybersecurity over the last few years
  • Cybersecurity is a multi-layer policy involving several actors both at national and EU level
  • ENISA supports actively European SMEs in cybersecurity


Test Yourself!


SMEs are the backbone of the European economy and they have been increasingly the target of cyber-attacks. In the last decades, the EU has increased its engagement and competencies in cybersecurity. This module will help to understand better how the EU deals with cybersecurity and which resources have European SMEs to face the challenges from cyber-attacks.


Cybersecurity, European Union


Carrapico, H., & Farrand, B. (2020). Discursive continuity and change in the time of Covid-19: the case of EU cybersecurity policy. Journal of European Integration, 42(8), 1111-1126.

Christou, G. (2016). Cybersecurity in the European Union: Resilience and adaptability in governance policy. Springer.

ENISA (2021), Cybersecurity for SMEs

ENISA website, Link: 

Verizon (2019), Link:

Whyte, C. (2021). European Union: Policy, cohesion, and supranational experiences with cybersecurity. In Routledge Companion to Global Cyber-Security Strategy (pp. 201-210). Routledge.