What's ECSM

European Cyber Security Month (ECSM) is a European Union advocacy campaign that takes place in October. ECSM aims to promote cyber security among citizens, to change their perception of cyber-threats and provide up to date security information, through education and sharing good practices.

In 2011, ENISA was asked to assess the feasibility and explore various options on how a European Cyber Security Month (ECSM) could become an effective instrument to raising awareness about NIS challenges. The Agency was involved in assessing the establishment and organisation of a ECSM. For the first time, during October 2012, a ECSM took place as a pilot project across Europe. To read the 2011 Feasibility study, please consult the specific page.

In 2012, a European Cyber Security Month took place as a pilot project across Europe. As pilot countries the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain and the United Kingdom participated in various activities and events throughout October 2012, to raise awareness of cyber security. This project was supported by ENISA and the European Commission.To read the synthesis of the results of the first ECSM, please consult the specific page.

In 2013 ENISA worked together with the Member States and the Commission and developed further the European Cyber-Security Month. The approach was to widen the number of participating Member States, to ensure sufficient focus on a number of key themes and to profile the event as a joint EU campaign with global outreach. 

In 2014 the European Cyber Security Month (ECSM) 2014 team invited public and private sector organisations interested in Network and Information Security to get involved in the organised activities.

 For 2014 the community pinpointed on the agenda the following weekly NIS topics:

  • 1st  week: Cyber security exercises, targeting technical expertise;
  • 2nd week: PC and mobile security protection and updates, targeting all digital users;
  • 3rd  week: Coding,  targeting students 
  • 4th  week: Training employees, targeting  public and private organizations
  • 5th  week: ePrivacy, targeting all digital users

In 2015, the European Cyber Security Month is being celebrated for the third consecutive year and has been organised by ENISA, the European Commission and over 100 partners (local authorities, governments, universities, think tanks, NGOs, professional associations) from all over Europe.

The ECSM run for the entire month of October, with each week focusing on a different topic.

  • 1st week – October 1-4: Cyber security training for employees
  • 2nd week – October 5-11: Creating a Culture of Cybersecurity at Work
  • 3rd week – October 12-18: Code Week for all
  • 4th week – October 19-25: Understanding Cloud solutions for all
  • 5th week – October 26-31: Digital Single Market for all

For a graphic overview on what happened during the last 4 years please see the European Cyber Security Month Overview.

ECSM Website

The role of the website is to be THE single point of reference for ECSM, with pointers to what is happening at country level, with information and links to organizers, events, practical information etc.


ENISA will also seek to increase the involvement of the private sector in this initiative by working through industry representation bodies to make full use of material that has been developed already and to build upon this material when necessary. The stakeholder involvment  model is the following:

                                                                                                                                                     Stakeholder Model

The objectives of the European Cyber Security Month 2013 will be aligned with the final recommendations and objectives of the 2012 pilot:

  • generate general awareness about cyber security, which is one of the priorities identified in the EU Cyber Security Strategy;
  • generate specific awareness on Network and Information Security (NIS), which is addressed in the proposed NIS Directive;
  • promote safer use of the Internet for all users;
  • build a strong track record to raise awareness through the ECSM;
  • involve relevant stakeholders;
  • increase national media interest through the European and global dimension of the project;
  • enhance attention and interest with regard to information security through political and media coordination.


The message for 2013 is Online security requires your participation. In coordination with "An Open, Safe and Secure Cyberspace" EU Cyber Security Strategy .

Building together a joint EU advocacy campaign on NIS topics!