Lessons learned on cybersecurity project proposals for successful EU grant applications

Authors

  • Christine DEMETER National Cyber Security Directorate, Bucharest
  • Dănuț MAFTEI National Cyber Security Directorate, Bucharest

DOI:

https://doi.org/10.53477/2284-9378-25-09

Keywords:

project proposal, strategies, regulations, policies, and legal framework on cyber issues, resilience, challenges, cyber security, risks, innovation, financing.

Abstract

This paper analyses the key aspects of successfully preparing cybersecurity project proposals to secure EU funding. It is structured around three major topics: (1) Global cybersecurity challenges, highlighting advanced cyber threats; (2) EU policies and funding mechanisms, analysing key regulations such as NIS2 Directive, the Cyber Resilience Act, and funding programs like Horizon Europe, Digital Europe, and CEF Digital, which support research, innovation, and digital security infrastructure; (3) Best practices for developing successful EU-funded projects, focusing on aligning proposals with EU priorities, building strong consortia, demonstrating impact, and avoiding common mistakes. By integrating strategic alignment, policy frameworks, and effective project planning, this study provides actionable recommendations for governments, organizations, and cybersecurity professionals aiming to enhance digital resilience through EU-funded initiatives. The findings contribute to a better understanding of the complexities related to securing EU grants and developing sustainable cybersecurity solutions across Europe.

Author Biography

Dănuț MAFTEI, National Cyber Security Directorate, Bucharest

Dănuț MAFTEI, Ph.D., is currently working for the Romanian National Cyber Security Directorate (DNSC - a governmental body) as a Senior Cyber Security Expert on Policies, Strategies and Cooperation. Meanwhile, he is an EU Expert, working with European Commission/DG NEAR as a speaker for TAIEX workshops on cyber issues, digital affairs, hybrid threats, 5G networks security, foreign information manipulation and interference (FIMI), or protection of national, EU and NATO classified information.

He graduated from the Police Academy in Bucharest and has a PhD degree in Public Order and National Security.

With more than 30 years in the government administration, he has been dealing with foreign policy, diplomacy, cyber diplomacy, digital affairs, cybersecurity, national / international security, education and international relations.

Dănuț MAFTEI has a law enforcement background mixed with diplomatic expertise developed in post conflict countries (EUFOR/BiH and Kosovo – as Head of the Romanian Diplomatic Mission), and EU countries and institutions (Spain, Belgium/Brussels–EU Council).

During the RO Presidency of the EU Council (2019), as a diplomat of the RO Permanent Representation to the EU and as the Vice-chair of the Horizontal Party on Cyber Issues / EU Council, he was dealing with diplomacy/foreign affairs, cyber diplomacy, cyber issues, digital affairs and international relations.

From 2022, he has been involved in cyber issues, cooperation, international relations and cyber education within DNSC, Bucharest, Romania.

He is the author or co-author of several articles and scientific papers:

  • Risks, threats, and vulnerabilities related to social media platforms and search engines. Regulation and national legal frameworks.
  • The Cyber Competences Act - a Vital EU Regulation Concerning Mandatory Certification of Critical Network and Information Systems’ Operators across the European Union.
  • International organizations and national seconded experts. Supremacy, security, strategic national interests and foreign policy.
  • Risks, threats and vulnerabilities related to EU Classified Information within CSDP missions and operations.
  • The way several European countries use to achieve their strategic and security objectives by involving the national experts seconded to international organization. Case study: United Kingdom and the Netherlands.
  • The „Lessons Learned” concept and its strategic importance for organisations’ efficiency in fields of security and crisis management.
  • Risk analysis on Romania's participation with Seconded National Experts in international civilian missions and operations.
  • SWOT analysis on the subject “Public Order on national territory”.
  • Security measures taken by national authorities against persons fighting as mercenaries in conflict zones.
  • Anxiety and its consequences on the organizational climate within the institutions of the national defense, public order and national security system.
  • Conceptual developments in collective security in the Euro-Asian and wider Black Sea area.
  • From city-states to megalopoleis. Strength versus weakness
  • Asymmetric threats, classified information management and the right to information. Protecting classified information outside the authorization framework.

Additional details are available on the following website: https://www.linkedin.com/in/danut-maftei-phd-39418a68/ 

References

Apriorit. 2025. ”CyberSecurity Trends in Information Technology and Emerging Future Threats.” doi:10.6084/m9.figshare.16937014.

CISCO. 2025. ”What Is Cyber Resilience?” https://www.cisco.com/c/en/us/solutions/hybridwork/what-is-cyber-resilience.html.

DNSC. 2022. „Lege nr. 366 din 19 decembrie 2022.” https://legislatie.just.ro/Public/DetaliiDocumentAfis/262941.

ECCC. 2025. ”European Cybersecurity Competence Network and Centre.” https://digitalstrategy.ec.europa.eu/en/policies/cybersecurity-competence-centre.

EEAS. 2024. ”Tackling Disinformation, Foreign Information Manipulation & Interference.” https://www.eeas.europa.eu/eeas/tackling-disinformation-foreign-informationmanipulation-interference_en.

ENISA. 2025. ”ENISA.” https://www.enisa.europa.eu/.

EUR-Lex. 2016. ”Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.” https://eur-lex.europa.eu/eli/reg/2016/679/oj.

—. 2019. ”Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA.” https://eur-lex.europa.eu/eli/reg/2019/881/oj/eng.

—. 2022a. ”Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union.” https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022L2555.

—. 2022b. ”Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC.” https://eur-lex.europa.eu/eli/dir/2022/2557/oj/eng.

—. 2024. ”Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements.” https://eur-lex.europa.eu/eli/reg/2024/2847/oj/eng.

European Commission. 2020a. ”COM(2020) 605 final.” https://eur-lex.europa.eu/legalcontent/ EN/TXT/PDF/?uri=CELEX%3A52020DC0605.

—. 2020b. ”The Cybersecurity Strategy.” https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-strategy.

—. 2021a. ”Connecting Europe Facility.” https://commission.europa.eu/funding-tenders/find-funding/eu-funding-programmes/connecting-europe-facility_en.

—. 2021b. ”EU Funding & Tenders Portal.” Editor European Commission. https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/home.

—. 2021c. ”Horizon Europe.” https://research-and-innovation.ec.europa.eu/funding/fundingopportunities/funding-programmes-and-open-calls/horizon-europe_en.

—. 2021d. ”The Digital Europe Programme.” https://digital-strategy.ec.europa.eu/en/activities/digital-programme.

—. 2023. ”Cyber Skills Academy.” https://digital-skills-jobs.europa.eu/en/cybersecurityskills-academy.

European Union, General Secretariat of the Council. 2023. ”Revised Implementing Guidelines of the Cyber Diplomacy Toolbox no. 10289/23.” https://data.consilium.europa.eu/doc/document/ST-10289-2023-INIT/en/pdf.

Giles, Keir. 2016. ”Handbook of Russian Information Warfare.” https://www.ndc.nato.int/news/news.php?icode=995.

Gleeson, Brent. 2013. ”The Silo Mentality: How To Break Down The Barriers.” https://www.forbes.com/sites/brentgleeson/2013/10/02/the-silo-mentality-how-to-break-downthe-barriers/

Maftei, Dănuț. 2024. ”The Cyber Competences Act – a Vital EU Regulation Concerning Mandatory Certification of Critical Network and Information Systems’ Operators across the European Union.” Informatica Economică 45-60. doi:10.24818/issn14531305/28.2.2024.04.

—. 2025. ”LinkedIn post.” https://www.linkedin.com/posts/danut-maftei-phd-39418a68_cyberincidents-criticalinformationinfrastructure-activity-7291046307190759424-LL9w?utm_source=share&utm_medium=member_desktop.

Maftei, Dănuț și Lorin Nicolae Bogdan-Duica. 2024. ”Risks, threats, and vulnerabilities related to social media platforms and search engines. Regulations and national legal frameworks.” Bulletin of “Carol I” National Defence University (”Carol I” National Defence University Publishing House) 13 (4): 249–265. doi:https://doi.org/10.53477/2284-9378-24-62.

Romanian Government. 2021. „Ordonanță de urgență nr. 104 din 22 septembrie 2021 privind înființarea Directoratului Național de Securitate Cibernetică.” https://legislatie.just.ro/Public/DetaliiDocumentAfis/246652.

—. 2022. „Strategia de Securitate Cibernetică a României, pentru perioada 2022-2027.” https://securitatea-cibernetica.ro/documente/Strategia-de-securitate-cibernetica-a-Romaniei.pdf.

Snegovaya, Maria. 2015. ”Putin’s Information Warfare in Ukraine: Soviet Origins of Russia’s Hybrid Warfare, Institute for the Study of War.” https://www.understandingwar.org/report/putins-information-warfare-ukraine-soviet-origins-russias-hybrid-warfare.

Spencer, Patrick. 2024. ”2024 Cybersecurity and Compliance Landscape: 50 Critical Statistics Shaping Our Digital Future.” https://www.kiteworks.com/cybersecurityrisk-management/2024-cybersecurity-landscape-50-critical-statistics/.

Downloads

Published

2025-04-03

How to Cite

DEMETER, C. ., & MAFTEI, D. . (2025). Lessons learned on cybersecurity project proposals for successful EU grant applications. BULLETIN OF "CAROL I" NATIONAL DEFENCE UNIVERSITY, 14(1), 136–153. https://doi.org/10.53477/2284-9378-25-09

Issue

Vol. 14 No. 1 (2025)

Section

Articles

License

The published articles are subject to copyright law. All rights are reserved to the “Carol I” National Defense University, regardless of whether all or part of the material are considered, especially the rights to translation, reprinting, re-use of illustrations, quotations, broadcasting through the media, reproduction on microfilms or any other way and storage in data banks. Any replicas without the associated fees are authorized provided the source is acknowledged.