You are here: Home / What's ECSM?

What's ECSM?

European Cyber Security Month (ECSM) is a European Union advocacy campaign that takes place in October. ECSM aims to promote cyber security among citizens, to change their perception of cyber-threats and provide up to date security information, through education and sharing good practices.





ENISA role is to brokerage. The stakeholder model of involvement is the following:

                                                                                                                                                          Stakeholder Model


The objectives of the European Cyber Security Month:

  • generate general awareness about cyber security, which is one of the priorities identified in the EU Cyber Security Strategy;
  • generate specific awareness on Network and Information Security (NIS), which is addressed in the proposed NIS Directive;
  • promote safer use of the Internet for all users;
  • build a strong track record to raise awareness through the ECSM;
  • involve relevant stakeholders;
  • increase national media interest through the European and global dimension of the project;
  • enhance attention and interest with regard to information security through political and media coordination.


The message is

Cyber security is a shared responsibility! STOP.THINK.CONNECT

 Alligned with "An Open, Safe and Secure Cyberspace" EU Cyber Security Strategy .

In coordination with STOP.THINK.CONNECT message originated at NCSM 


OVERVIEW infographic

ROADMAP infographic


   Building together a joint EU advocacy campaign on NIS topics!

  2015  partners


  • eSkills for Jobs campaign

The European Commission has launched the eSkills for Jobs campaign that will take place in 2015 and 2016. The campaign aims to raise awareness of the need for citizens to improve their command of information and communication technology (ICT) skills for work. The campaign is a response to the growing demand for ICT-skilled professionals which is currently not met, despite high levels of unemployment in Europe.

@eskills4jobs #eskills        <> 







In 2011, ENISA was asked to assess the feasibility and explore various options on how a European Cyber Security Month (ECSM) could become an effective instrument to raising awareness about NIS challenges. The Agency was involved in assessing the establishment and organisation of a ECSM. For the first time, during October 2012, a ECSM took place as a pilot project across Europe. 

In 2012, a European Cyber Security Month took place as a pilot project across Europe. As pilot countries the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain and the United Kingdom participated in various activities and events throughout October 2012, to raise awareness of cyber security. This project was supported by ENISA and the European Commission.To read the synthesis of the results of the first ECSM, please consult the specific page.

The European Cyber Security Month 2013 took place in October in 27 countries. By consulting this report the reader will be introduced to the context of ECSM deployment, the policy context, the stakeholder model of engagement, the activities that were implemented and the results of the fully fledged EU advocacy campaign on NIS topics. This report presents the model of building together a joint EU advocacy campaign, a campaign on cybersecurity topics of interest for all digital citizens, and at the same time for institutions and Small Medium Enterprises.                 . 

                 27COUNTRIES IN ECSM 2013  


In 2014 ENISA  increased the involvement of the private and public sector in this initiative by working together. The priority pillars of the planning:

  1. Enhanced content of ECSM
  2. Building synergies
  3. Evaluate and scale up the results

 The community pinpointed on the agenda the following weekly NIS topics:

  • 1st  week: Training employees, targeting  public and private organizations;
  • 2nd week: PC and mobile security protection and updates, targeting all digital users;
  • 3rd  week: Coding,  targeting students 
  • 4th  week: Cyber security exercises, targeting technical expertise;
  • 5th  week: ePrivacy, targeting all digital users







This concept was inspired by similar projects that were held successfully in other places of the world for some years now. The particularities of the European territory compared to other areas in the world suggest that a significant amount of effort will be required in order for this idea to deliver its full potential across Europe. To this effect, one of the most critical elements for the success of this activity would be to develop an effective structure and coordination scheme among participating entities.

To this end, ENISA was asked to carry out a feasibility study by examining the possible implementation of such a campaign in addition to an overview of the prevailing elements of security days/weeks organised at national level across Europe.

This project is in line with the Awareness Raising workstream of the EU-U.S. Working Group on Cyber-security and Cyber-crime established in the context of the EU-U.S. Summit of 20 November 2010 held in Lisbon.

To read more on the National Cyber Security Awareness Month and the National Cybersecurity Awareness Campaign -Stop.Think. Connect. - organised in the United States and the National Cyber Security Awareness Week organised in Australia, please click on the above links.