What's ECSM?

European Cyber Security Month (ECSM) is an EU advocacy campaign that promotes cyber security among citizens and advocates for change in the perception of cyber-threats by promoting data and information security, education, sharing of good practices and competitions. The European Union Agency for Network and Information Security (ENISA), the European Commission DG CONNECT and Partners are deploying the European Cyber Security Month (ECSM) every October. Metrics: in 2014 there were 30 countries involved, in 2013 there were 24 countries involved.



 Building together a joint EU advocacy campaign on NIS topics!


ENISA role is to brokerage. The stakeholder model of involvement is the following:

                                                                                          Stakeholder Model                                                               

The objectives of the European Cyber Security Month:

  • generate general awareness about cyber security, which is one of the priorities identified in the EU Cyber Security Strategy;
  • generate specific awareness on Network and Information Security (NIS), which is addressed in the proposed NIS Directive;
  • promote safer use of the Internet for all users;
  • build a strong track record to raise awareness through the ECSM;
  • involve relevant stakeholders;
  • increase national media interest through the European and global dimension of the project;
  • enhance attention and interest with regard to information security through political and media coordination.


General message: Cyber security is a shared responsibility! STOP.THINK.CONNECT

 Alligned with "An Open, Safe and Secure Cyberspace" EU Cyber Security Strategy http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1667 .In coordination with STOP.THINK.CONNECT message originated at NCSM www.staysafeonline.org 


Weekly topics

Every week has another important topic and activities happen either online or offline:

1st week topic: Cyber security Training for employees

2nd week topic: Creating a Culture of Cybersecurity at Work

3rd week topic: Code Week for all

4th week topic: Understanding Cloud solutions for all

5th week topic: Digital Single Market for all                                                                                



In 2011, ENISA was asked to assess the feasibility and explore various options on how a European Cyber Security Month (ECSM) could become an effective instrument to raising awareness about NIS challenges. The Agency was involved in assessing the establishment and organisation of a ECSM. For the first time, during October 2012, a ECSM took place as a pilot project across Europe. 

In 2012, a European Cyber Security Month took place as a pilot project across Europe. As pilot countries the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain and the United Kingdom participated in various activities and events throughout October 2012, to raise awareness of cyber security. This project was supported by ENISA and the European Commission.To read the synthesis of the results of the first ECSM, please consult the specific page.

The European Cyber Security Month 2013 took place in October; by consulting this report the reader will be introduced to the context of ECSM deployment, the policy context, the stakeholder model of engagement, the activities that were implemented and the results of the fully fledged EU advocacy campaign on NIS topics. This report presents the model of building together a joint EU advocacy campaign, a campaign on cybersecurity topics of interest for all digital citizens, and at the same time for institutions and Small Medium Enterprises.                 . 

                 27COUNTRIES IN ECSM 2013         

In 2014 ENISA  increased the involvement of the private and public sector in this initiative by working together. The priority pillars of the planning:

    1. Enhanced content of ECSM
    2. Building synergies
    3. Evaluate and scale up the results


 The community pinpointed on the agenda the following weekly NIS topics:

  • 1st  week: Training employees, targeting  public and private organizations;
  • 2nd week: PC and mobile security protection and updates, targeting all digital users;
  • 3rd  week: Coding,  targeting students 
  • 4th  week: Cyber security exercises, targeting technical expertise;
  • 5th  week: ePrivacy, targeting all digital users 





This project is in line with the Awareness Raising workstream of the EU-U.S. Working Group on Cyber security and Cyber crime established in the context of the EU-U.S. Summit of 20 November 2010 held in Lisbon.

To read more on the National Cyber Security Awareness Month and the National Cybersecurity Awareness Campaign -Stop.Think. Connect. - organised in the United States and the National Cyber Security Awareness Week organised in Australia, please click on the above links.