EIC and ENISA to run in-person Summer School on Cybersecurity in Athens, 23–24 June 2025

Brussels, April 8th 2025
Summary
  • The EIC Business Acceleration Services partners with ENISA to deliver an in-person Summer School on Cybersecurity in Athens on 23 and 24 June 2025.
  • Applications open on 22 April 2025 and places are strictly limited to 40 EIC beneficiaries who must attend both days.
  • Two half-day sessions cover practical awareness programmes and the EU cybersecurity framework, plus networking with EIC-funded cybersecurity innovators.
  • Participants will receive a €200 voucher to reimburse attendance related expenses and the final agenda will be published with the open call.

EIC Summer School 2025 on Cybersecurity, in partnership with ENISA

The European Innovation Council Business Acceleration Services is organising an in-person EIC Summer School focused on cybersecurity, in cooperation with the European Union Agency for Cybersecurity, ENISA. The event will take place at ENISA's premises in Athens, Greece on 23 and 24 June 2025. The programme aims to give EIC beneficiaries practical guidance on protecting innovations and improving organisational cyber resilience while offering networking opportunities within the EIC community.

Event snapshot and key dates

Save the date. Applications for the Summer School will open on Tuesday 22 April 2025. Attendance is limited and selection will be competitive. The activity is delivered in person at ENISA in Athens and is intended for EIC beneficiaries who are not already cybersecurity specialists but who have responsibilities for IT or data security within their organisations.

ItemDetailNotes
Dates23 June 2025 and 24 June 2025Two linked sessions, mandatory attendance both days
LocationENISA premises, Athens, GreeceIn-person only
Application opens22 April 2025Open call to EIC beneficiaries
Participant limitMaximum 40 EIC attendeesSelection details to be provided in the open call
Participant support€200 voucherReimbursement for expenses related to attending and preparing for the training

Programme overview

Session 1 23 June 2025, 14:30 to 18:30:This afternoon session focuses on awareness and communication. Participants will be guided through designing internal security awareness programmes and targeted external campaigns. Practical instruction will cover selecting tools and channels to reach different audiences, defining Key Performance Indicators to measure effectiveness, and creating a communications strategy to support awareness objectives. The session also includes interactive elements: an awareness raising quiz and a modular awareness game provided in different versions with a play guide.
Session 2 24 June 2025, 09:00 to 13:00:The morning session will address higher level European cybersecurity policy and current trends. Topics listed so far include the EU cybersecurity framework and an overview report on the state of cybersecurity across the European Union. The session will also provide opportunities to meet EIC-funded beneficiaries developing cybersecurity solutions. A final, detailed agenda will be published with the open call for applications.

Who should attend

The Summer School is not aimed at people who are already cybersecurity experts or those who work full time in the cybersecurity sector. The organisers recommend attendance by individuals within EIC-backed companies who are involved in IT, data management or managing the security of company information. The event is intended to raise baseline cyber awareness and provide practical tools for innovators to protect their projects and data.

Target audience explained:EIC beneficiaries includes companies and researchers funded by EIC instruments. The call will be open to EIC awardees who fit the profile described above. The event aims to upskill those responsible for practical security decisions rather than to offer deep technical training for experienced security practitioners.

Logistics, costs and selection

Participation will be capped at 40 people to keep the sessions interactive. Attendance on both days is mandatory. The EIC will provide a €200 voucher to each participant to reimburse expenses tied to attending and preparing for the training. Travel, accommodation and other costs above that amount are not specified and may remain the responsibility of participants. The open call will set out selection criteria and any additional eligibility rules.

Voucher and reimbursement details:Each participant will receive a €200 voucher to reimburse attendance and preparation related expenses. The voucher is intended to offset some costs but is not a comprehensive travel grant. Exact reimbursement mechanics will be explained in the open call documentation.

Why ENISA and the EIC partnership matters

ENISA is the European Union Agency for Cybersecurity. The agency has a mandate to support the development of EU cybersecurity policy, to cooperate with member states, and to strengthen trust in digital products and services through certification schemes and capacity building. For the EIC, working with ENISA brings a policy and regulatory perspective that can be valuable for innovators navigating compliance, certification and risk management in a European market.

ENISA explained:ENISA was established in 2004 and its remit was strengthened by the EU Cybersecurity Act. The agency supports EU cyber policy, advises on cybersecurity certification schemes for ICT products and services, and runs capacity building and awareness activities across Member States.
EIC Business Acceleration Services explained:The EIC Business Acceleration Services provides training, business support and access to partner networks for EIC-backed innovators. The Community trainings are recurring activities under BAS and are designed to help awardees scale and commercialise their technologies.

Technical concepts and practical takeaways

EU Cybersecurity framework:This refers to EU-level policies, directives and regulations that shape national and sectoral approaches to cybersecurity. It includes instruments such as the Network and Information Security Directive in its current forms, the Cybersecurity Act's certification components, and guidance on operational resilience. Understanding this framework helps innovators prepare for compliance and market access.
Cybersecurity awareness programmes:These are structured internal or external campaigns to raise knowledge and influence behaviour within an organisation or among stakeholders. A well designed programme combines training, communications and measurable KPIs to reduce human risk factors such as phishing and poor credential handling.
Key Performance Indicators for awareness:KPIs are metrics used to measure the effectiveness of awareness programmes. Examples include training completion rates, phishing simulation click rates, incident reporting frequency, and measured improvements in secure configuration or patching. The Summer School will discuss practical KPIs and how to track them.

A realistic view on impact and limitations

The Summer School is pitched at non-expert practitioners and aims to raise baseline capability and awareness. That is a useful objective, but attendees should not expect deep technical remediation training or certification on advanced defensive techniques. The in-person format and proximity to ENISA staff may offer useful access to policy insights and networking. The €200 voucher will help offset costs but is modest relative to international travel and accommodation. Finally, places are limited so the reach of the activity will be small and targeted.

How to apply

Applications open on 22 April 2025 through the EIC Community open call. The final agenda and full selection process will be published with the open call. Interested EIC beneficiaries should monitor the EIC Community and the BAS calendar for the open call and application details. The organisers will provide further information about selection criteria and logistics when the call goes live.

Final notes and disclaimer

The event is organised by the EIC Business Acceleration Services in collaboration with ENISA as an EIC Community training activity. Information is published for knowledge sharing and does not represent the official view of the European Commission or other bodies. The final agenda and call documentation will contain the authoritative details for applicants.