About the project

INCIDENTRON is an EU-funded project focused on improving how organizations report and manage cybersecurity incidents. It develops a modular and scalable architecture, an open-source incident reporting framework, and a platform that supports end-to-end reporting across major EU regulations including NIS2, CER, DORA, GDPR, and the Cyber Resilience Act (CRA). The project runs for 36 months under the acronym INCIDENTRON.

The project simplifies reporting workflows, reduces administrative effort, and strengthens collaboration between MSSPs, end users, National CSIRTs, Law Enforcement Agencies, and European authorities. By integrating real-life cases and training exercises, INCIDENTRON enhances Europe’s overall incident preparedness and response capabilities.

The project aims to:

1. Automate workflows

Streamline, automate and improve incident reporting workflows between MSSPs, end users and reporting authorities; address disparities in reporting requirements across member states and overlapping mandates with current and future regulations and requirements (NIS2, CER, GDPR, DORA, CRA, eIDAS2, AI Act, CSA, etc.).

2. Improve existing platforms

By collaboration complement the existing initiatives in threat intel sharing, collaboration, responsible vulnerability disclosure platforms and EU-sharing platform. Do so by, amongst other, focusing on streamlining the mandatory incident reporting challenges.

3. Build skills

Enhance incident preparedness and crisis response by creating real-world scenarios, hands on training and simulation exercises through the Cyber Range.

4. Strengthen EU's cyber resilience

Strengthen EU-wide cybersecurity resilience by facilitating threat sharing and shared situational awareness, cooperative incident response among stakeholders and improved efficiency and accuracy of reporting.

5. Harmonize

Foster cross-border harmonization by creating a unified approach to incident reporting across EU Member States, reducing inconsistencies in regulatory requirements.

6. Optimize

Minimize the complexity and effort required for organizations to meet their reporting obligations under multiple frameworks; reduce the administrative and operational burden for organizations and authorities.

7. Standartize

Increase compliance rates with EU regulations due to standardized reporting tools.

8. Improve

Improve (collaborative) incident response capabilities across the EU.

9. Make informed decisions

Realize better-informed decision-making through shared situational awareness.

10. Strengthen competitveness

Strengthen the competitiveness of European MSSPs and cybersecurity and compliance solution providers.

11. Improve CI resilience

Strengthen resilience and competitiveness of EU Critical Infrastructure and Essential Services.

12. Support collaboration

Increase Europe’s ‘cyber-safety’ by supporting collaboration between critical entities, LEAs and artifact analysis, extending response to investigation, attribution, disruption and ultimately prosecution of actors.

We expect the following results:

1. Cost reduction

Incident management solutions reducing the overall costs of cybersecurity for individual member states and for the EU as a whole.

2. Better compliance

Better compliance with NIS2 (Directive (EU) 2022/2555) and higher levels of situational awareness and crisis response in member states.

3. Valuable content

Organisation of events, workshops, stakeholder consultations and white papers.

4. Better cooperation

Enhanced cooperation, preparedness and cybersecurity resilience in the EU.

5. Effective CRA enforcement

Effective supervision and enforcement of the CRA by the market surveillance authorities and adequate capabilities of notifying authorities and national accreditation bodies for the implementation of the CRA.

Project partners

Project coordinator: Adomas Ūselis

Senior Project Manager

INCIDENTRON is funded under the DIGITAL-ECCC-2024-DEPLOY-CYBER-07-CYBERSEC-02. It is a DIGITAL-JU-SIMPLE action (Simple Grants) with proposal number 101249201.