Summary
- The Cybersecurity Skills Coalition EDIC has launched with its seat in Athens.
- The consortium will support the EU Cybersecurity Skills Academy and work with ENISA on critical-sector resilience.
- The initiative has received a €3.1 million Digital Europe Programme grant for setup and operation.
The European Commission and participating Member States have launched the Cybersecurity Skills Coalition European Digital Infrastructure Consortium, adding a new coordination body to Europe’s cyber workforce and resilience agenda.
The CSC-EDIC will support the EU Cybersecurity Skills Academy, a Commission initiative launched in 2023. The consortium will have its seat in Athens, with Greece, Cyprus, Austria, Croatia, and Slovenia as founding members. Czechia and Poland have joined as observers, and other Member States can join later under fair and reasonable terms.
The Commission said the academy has already produced 26 pledges from global industry leaders, helping train more than 900,000 cyber professionals. Ten partnerships have also been established through the Industry-Academia Network, while the academy has supported wider uptake of ENISA’s European Cybersecurity Skills Framework.
Through the new consortium, participating countries will develop and deliver tailored cybersecurity training programmes, measure skills gaps, and provide the secretariat for the Industry-Academia Network. The CSC-EDIC will also work with ENISA to enhance cyber resilience in critical sectors, particularly healthcare.
The consortium has received a €3.1 million grant from the Digital Europe Programme to support initial setup and running costs, including governance, personnel, and operations. The funding is modest against the scale of Europe’s cyber workforce need, but the structure gives Member States a route to coordinate skills work more formally.
Cyber skills policy cuts across education, industry, public-sector capacity, national security, and regulated-sector resilience. A shortage of people with practical security, engineering, incident response, governance, and assurance skills can slow patching, weaken supplier oversight, and leave critical systems dependent on thinly stretched teams.
Healthcare is an important focus. Hospitals, public health bodies, care providers, medical suppliers, and regional health systems depend on complex digital services while often working with legacy infrastructure, constrained budgets, and limited specialist security capacity. Training programmes cannot remove those constraints, but consistent skills frameworks and career pathways can strengthen the workforce around them.
The planned EU-wide attestation scheme for cybersecurity skills may also influence procurement and assurance. Buyers, regulators, and operators need clearer ways to assess whether teams and suppliers have the competence required for sensitive environments. A more consistent skills model could support that evidence, provided it is grounded in practical capability rather than certification volume alone.
The CSC-EDIC gives Europe another mechanism for treating cyber capability as shared infrastructure. Regulation and technology investment will have limited effect if organisations cannot recruit, retain, and develop the people needed to operate controls, investigate incidents, and sustain resilience programmes.





