Who we are?
CYBERFORT is a strategic initiative that draws on the knowledge and innovation developed through key European projects under the Digital Europe Programme, Horizon 2020, and Horizon Europe, particularly within the Secure Societies challenge. This strong foundation is reflected in our consortium’s diverse expertise and geographic reach. The project brings together leading partners in cybersecurity, advanced technology, legal and regulatory domains, and sector-specific innovation. Partners such as CLONE and BOLTON drive advanced threat detection and defense, while I-ELINK bridges software development with sectoral implementation. DNSC and ENC contribute essential legal and policy expertise, enhancing regulatory alignment. CYBERFORT engages with critical sectors through targeted use cases—ranging from maritime and energy to finance—to deliver practical, CRA-aligned cybersecurity solutions. This integrated approach positions CYBERFORT to strengthen digital resilience and advance CRA compliance across Europe.
Project summary
CYBERFORT is a strategic initiative co-funded under the Digital Europe Programme (DIGITAL-ECCC-2024-DEPLOY-CYBER-06), dedicated to strengthening the cybersecurity resilience of European Small and Medium-sized Enterprises (SMEs)—with a particular focus on micro and small businesses. In alignment with the Cyber Resilience Act (CRA), the project develops and deploys a comprehensive suite of automated, user-friendly, and open-source compliance tools, supported by training, risk assessment frameworks, and best practice guidance. These solutions are centralized on the CYBERFORT platform, designed to simplify CRA implementation while improving digital security across various sectors.
The project brings together a diverse consortium of technical experts, legal authorities, industry leaders, and national bodies, combining complementary expertise to ensure widespread CRA compliance. CYBERFORT supports Managed Security Service Providers (MSSPs) and SMEs through a range of sector-specific use cases—including maritime (COLUMBIA), energy (EPG), finance (DEALIO), and cybersecurity service providers (CLONE SYSTEMS)—that demonstrate how CyberFort can address real-world cybersecurity needs.
Through a modular Compliance Management Software and features like vulnerability assessment, CRA-aligned documentation tools, policy libraries, and integration with major cloud services, CYBERFORT enables scalable and dynamic compliance across CRA, ISO 27001, PCI DSS, and NIS2 standards. It also includes training resources, evidence tracking, risk scoring, vendor evaluation, and robust policy management, all accessible through intuitive dashboards and stakeholder portals.
With a clear focus on equity, accessibility, and sustainability, CYBERFORT reduces financial and technical barriers to CRA compliance. It leverages free and open-source solutions, and collaborates with entities such as ENISA, NCCs, EDIHs, and the EU Cybersecurity Skills Academy. By empowering SMEs with the tools and knowledge needed to meet CRA requirements, CYBERFORT contributes to a more secure, resilient, and digitally sovereign Europe.
Pilots
Use Case 1: Maritime Sector — COLUMBIA
COLUMBIA leads the implementation of a shipboard cybersecurity training program, integrating the CYBERFORT platform into maritime operations. The goal is to align shipboard infrastructure with CRA requirements, improve cybersecurity practices, and train personnel in cyber hygiene and incident response.
Use Case 2: Financial Sector — DEALIO
DEALIO implements CYBERFORT as a centralized compliance management solution tailored for financial institutions. The platform supports CRA-aligned risk assessment, regulatory mapping, audit trails, and real-time alerts to enhance compliance efficiency and reduce cybersecurity risks in financial operations.
Use Case 3: Energy Sector — EPG
EPG deploys CYBERFORT as a critical infrastructure vulnerability assessment tool to help energy sector clients meet CRA obligations. The tool automates scanning, prioritizes vulnerabilities, and simplifies reporting to ensure compliance and resilience in energy systems.
Use Case 4: Cybersecurity Providers — CLONE Systems
CLONE integrates and validates CYBERFORT’s CRA compliance capabilities into its service offerings. Through testing, training, and development lifecycle alignment, CLONE ensures its cybersecurity solutions meet CRA standards, benefiting its EU-wide network of SMEs and resellers.
Methodology
The CYBERFORT project methodology follows a structured and iterative approach, ensuring that cybersecurity solutions are co-developed with stakeholders, validated through real-world pilot use cases, and aligned with regulatory standards like the CRA. It begins with the identification of sector-specific cybersecurity needs, followed by the design and development of tailored tools and frameworks. These tools will undergo continuous refinement through stakeholder engagement, feedback loops, and pilot testing across critical sectors including maritime, energy, finance, and cybersecurity service provision. This methodology ensures that the solutions are both technically robust and practically applicable. The final phase focuses on knowledge dissemination, training, and integration with European cybersecurity networks to foster widespread adoption and long-term impact.
