A Toolbox to improve ICT supply chain security Created byZara Hublet|Updated26 February 2026The NIS Cooperation Group composed of EU Member States representatives, the European Commission and the EU Agency for cybersecurity (ENISA), has adopted an EU ICT Supply Chain Security Toolbox.The toolbox will help Member States and public and private actors to bolster the security of ICT supply chains in the EU as set out in the revised Cybersecurity Act presented on 20 January 2026.Practical outcomes of the Toolboxit provides a common approach on how to identify, assess and mitigate cybersecurity risks of ICT supply chains;it outlines risk scenarios and recommends mitigation measures, including overcoming the dependencies on high-risk suppliers;it is accompanied by two risks assessments on connected and automated vehicles and detection equipment. These two reports provide a comprehensive overview of the cybersecurity risks identified, their potential consequences, and the mitigating measures considered necessary to address them. More information here.Digital skills resource detailsWebsite linkA Toolbox to improve ICT supply chain securityTarget audienceDigital skills for ICT professionals and other digital experts.Digital technology / specialisationCybersecurityDigital skill levelAdvancedDigital ExpertGeographic scope - CountryAustriaBelgiumBulgariaCyprusRomaniaSloveniaCroatiaCzech republicDenmarkEstoniaFinlandFranceGermanyGreeceHungaryItalyIrelandMaltaLatviaLithuaniaLuxembourgNetherlandsPortugalPolandSwedenSpainSlovakiaShow moreShow lessIndustry - field of education and trainingInformation and Communication Technologies (ICTs) not further definedTarget languageEnglishGeographical sphereEU institutional initiativeTopology of competenceshow to identify, assess and mitigate cybersecurity risks of ICT supply chainsMethodologyNo methodology availableMain document - File for downloadNISCG_2026_EU_ICT_Supply_Chain_Security_Toolbox_j7C7mjtm8bJ7UHDEItXtI2CDXS0_124123.pdfSupporting documentsNISCG_2026_CAV_risk_assessment_final_udkcIOUN6tIHc0lDgHBGlc2S7k_124122.pdfNISCG_2026_Detection_Equipment_risk_assessment_WWJq0NuIChU7T4JRkFhgerhvcL4_124121.pdfSkills resource typeSelf-Assessment ToolOrganisationEuropean Commission European Union Agency for Cybersecurity (ENISA) Share this page Log in to comment
