Project

Project Overview

IQ Defence is a capacity-building initiative designed to strengthen cybersecurity resilience across the European Union through structured education, regulatory alignment, and harmonised skills development. The project addresses the operational and strategic challenges arising from implementing the NIS2 Directive and the Cyber Resilience Act (CRA), with a particular focus on translating regulatory requirements into measurable competencies and practical readiness. IQ Defence (Grant Agreement No. 101249724) is funded by the European Union under the Digital Europe Programme (DIGITAL-ECCC-2024-DEPLOY-CYBER-07-CYBERSEC-02) and is implemented over 36 months. The core premise of IQ Defence is straightforward: regulatory frameworks alone do not ensure security. Effective cybersecurity depends on trained professionals, informed leadership, capable institutions, and coordinated implementation across Member States. IQ Defence therefore integrates policy alignment, occupational standard development, multilingual training delivery, and cross-border knowledge exchange into a unified framework. The project began on January 1, 2026, and is implemented over 36 months, combining regulatory alignment, skills development, digital platform deployment, and cross-border cooperation.

Strategic Context

The rapid expansion of digital infrastructure, interconnected supply chains, and critical services has significantly increased systemic cyber risk within the EU. At the same time, the NIS2 Directive and the Cyber Resilience Act (CRA) introduce strengthened cybersecurity risk management, reporting, and product lifecycle security obligations for essential and important entities, manufacturers, service providers, accreditation bodies, and market surveillance authorities. However, three structural gaps persist:

• Skills shortages and uneven competence levels across Member States
• Fragmented interpretation and implementation of regulatory requirements
• Limited harmonisation of cybersecurity occupational standards

IQ Defence directly addresses these gaps by aligning cybersecurity education, micro-credentials, and training programmes with European-level frameworks, particularly the European Cybersecurity Skills Framework (ECSF).

Strategic Alignment

IQ Defence contributes directly to:

• The Digital Europe Programme objectives
• Implementation of the NIS2 Directive across Member States
• Operational readiness under the Cyber Resilience Act (CRA)
• Development of advanced digital skills in line with the ECSF
• Strengthening EU cybersecurity capacity, digital resilience, and strategic autonomy
• Key coordination activities
• 45,000+ projected outreach through communication campaigns

Objectives

The project pursues five interconnected objectives:

• Develop 12+ occupational and qualification standards aligned with the European Cybersecurity Skills Framework (ECSF) and integrate them into national qualification frameworks and the Skills Map
• Design and deliver six multilingual online cybersecurity training programmes (four focused on NIS2 and two focused on the Cyber Resilience Act)
• Support the harmonised implementation of NIS2 and CRA across Member States
• Strengthen the competencies of public authorities and market surveillance bodies
• Increase cybersecurity awareness among organisations and citizens

Each objective contributes to measurable improvements in operational readiness, compliance capability, and institutional resilience.

Project Approach

IQ Defence applies a structured, multi-layered approach:

1. Skills Framework Alignment – Occupational profiles and qualification standards are defined and validated to ensure transparency, comparability, and cross-border recognition of cybersecurity competencies.

2. Multilingual Digital Training Infrastructure – A dedicated online platform provides standardised courses, assessments, and certification pathways accessible in all EU languages.

3. Regulatory-to-Operational Translation – Training modules, awareness activities, and policy coordination mechanisms are designed to translate NIS2 and CRA legal requirements into measurable operational controls, governance structures, secure-by-design principles, and structured assessment pathways.

4. Policy Coordination Mechanism – Regular online meetings, a dedicated Member State alignment conference focused on the transposition of NIS2 (including experience sharing from Croatia’s implementation), and annual cybersecurity conferences facilitate structured exchange between Member States, competent authorities, CSIRTs, and stakeholders to promote harmonised interpretation and implementation.

5. Awareness and Public Outreach – A structured communication campaign addresses key cyber threats such as ransomware, phishing, identity theft, and supply chain compromise, increasing societal cyber resilience.

Target Groups

• Essential and Important Entities (NIS2 scope)
• SMEs and supply chain actors
• Public authorities and market surveillance bodies
• CSIRTs and incident response professionals
• Education providers and qualification authorities
• Citizens seeking improved cyber awareness
• 45,000+ projected outreach through communication campaigns

Expected Impact

IQ Defence contributes to:

• Reduced fragmentation in cybersecurity competence development
• Increased number of certified professionals aligned with EU standards
• Improved readiness of essential and important entities
• Strengthened the capacity of supervisory and market surveillance authorities
• Enhanced public awareness of cyber hygiene practices

By integrating education, regulation, and coordination into a single operational framework, IQ Defence supports the long-term objective of strengthening European digital resilience, strategic autonomy, and collective cyber resilience.

Impact Indicators

• 12+ occupational and qualification standards developed
• 6 fully multilingual training programmes
• 500+ certified participants
• 5+ representatives from EU Member States engaged in structured cross-border policy