Blog

European Cybersecurity Month 2025 – Strengthening awareness, skills, and collaboration

As cyber threats continue to evolve in scale and sophistication, the European Union is once again marking European Cybersecurity Month (ECSM). This year’s campaign underscores the importance of digital resilience, shared responsibility, and the need to equip citizens and organisations—particularly small and medium-sized enterprises (SMEs)—with the knowledge and tools to safeguard against cyber risks.

What is European Cybersecurity Month?

Held each October, ECSM is the EU’s flagship campaign to raise awareness of cybersecurity and promote good digital hygiene across member states. Coordinated by the EU Agency for Cybersecurity (ENISA) in partnership with the European Commission, the initiative brings together governments, NGOs, businesses, universities, and civil society in a pan-European effort to share good practices, provide up-to-date security guidance, and highlight the latest digital threats.

Since its launch in 2012, ECSM has run under the guiding motto “Think Before You Click,” focusing on practical themes such as phishing awareness, online behaviour, and collective responsibility in defending Europe’s digital ecosystem.

Spotlight on SMEs: Building resilience in the backbone of the EU economy

SMEs are the backbone of the European economy, representing 99% of all businesses and employing around 100 million people. Despite their critical role, they remain highly vulnerable to cyberattacks due to limited resources, smaller security budgets, and a lack of in-house expertise.

ENISA’s research during the COVID-19 pandemic revealed the extent of these challenges: as SMEs accelerated their digital transformation, they also became more exposed to threats such as phishing, ransomware, CEO fraud, and data theft. Alarmingly, 90% of SMEs reported that a cyber incident would have serious consequences within a week, while 57% feared bankruptcy if they could not recover quickly. More information AVAILABLE HERE.

To address these risks, ENISA continues to provide SMEs with practical support—including risk assessment tools, business continuity guidelines, cloud security practices, and cyber hygiene checklists—helping them to strengthen resilience and embed cybersecurity into daily operations.

New opportunity: MERIT International Industry Engagement Workshop on Cybersecurity

This year’s ECSM is complemented by a new initiative under the MERIT project, which is co-funded by the EU’s Digital Europe Programme. On 21 November 2025, from 09:00 to 11:30 CET, MERIT will host a Hybrid International Industry Engagement Workshop on Cybersecurity, (REGISTER HERE) bringing together:

• Small and Medium-Sized Enterprises (SMEs)
• Higher Education Institutions (HEIs)
• Cybersecurity experts
• Students

The workshop aims to exchange insights, explore emerging threats, highlight the skills needed in the cybersecurity workforce, and strengthen collaboration between academia and industry.

Beyond this event, MERIT has committed to a series of workshops across advanced digital domains—including Artificial Intelligence, Internet of Things (IoT), and cybersecurity—to better align academic training with industry requirements. More information is available at digitalmerit.eu.

Why cybersecurity awareness matters

Cybersecurity is no longer an issue limited to large corporations or institutions. SMEs, professionals, and everyday citizens are frequent targets, often with fewer resources to defend themselves.

As Europe embraces digital transformation, remote work, cloud solutions, IoT, and AI, opportunities for innovation increase—but so do vulnerabilities. Without effective protection, these technologies can expose individuals and businesses to significant risks.

Initiatives like ECSM and the MERIT workshop play a vital role in closing the gap between current digital skills and future needs. They foster awareness, promote collaboration, and encourage practical action to ensure Europe is equipped to handle tomorrow’s cybersecurity challenges.

How to get involved

Participate in ECSM: Join events, workshops, trainings, and webinars taking place across Europe.

Engage in the MERIT workshop on 21 November: Connect with experts, academics, and businesses to explore new challenges and solutions. More information AVAILABLE HERE.

For SMEs: Use ENISA’s resources to evaluate your cybersecurity posture, strengthen weak points, and ensure long-term resilience.

European Cybersecurity Month 2025 serves as a reminder that cybersecurity is not just an IT issue—it is a social, economic, and collective responsibility. Together, Europe can build a safer and more resilient digital future.