Technical  assistance to the European investment Bank (EIB) to support its efforts to  step up its contribution to Europe’s security under a new major initiative –  European Security Initiative (ESI). The Bank is required to demonstrate EUR 2  billion per year of security related investments over the next three years  (2018 – 2020) in key sectors such as energy, transport, water supply, health,  financial institutions and markets infrastructure. The security related  investments will cover various areas, including increased resilience and  protection of critical infrastructure and essential services, protection of  public spaces and increasing security of citizens at local level, support for  Member States national authorities to face new technological challenges (such  as blockchain, cryptocurrencies, AI), upgrading cyber and IT forensics  capacity for both private and public actors, facilitation of exchange of best  practices among security actors, investment to increase security of access at  borders and infrastructure to support cross border cooperation among  competent authorities (police, judicial, customs).    

‍

As part of its assistance to EIB we proposed an approach for identifying  cybersecurity related investments for each project type in different sectors,  prepared a report showing cybersecurity related components of investment  projects and their costs, define the most suitable metrics, and default  values of cybersecurity related investments for each project type in  different sectors, and prepared a comprehensive report based on findings and  conclusions.    

‍

Based on the outputs of the Assignments, the Bank will prepare a Guidance  Note for Security Investments (‘Guidance Note’), which will serve as a tool  for project promoters to assess which projects and which components of them  will contribute to improve security at very early stages of project  development. In this way, the Assignment is expected to allow project  promoters to prioritize investments in terms of their contributions to  improving security on a systematic basis. Besides being benefit of use for  project promoters, it is expected that the Guidance Note will be useful for  the financial institutions and other third parties.    

‍

The services we provided included undertaking a review of the Bank’s  sectoral Notes that establish which types of cybersecurity related  investments are eligible on the basis of the sectoral lending policies,  refining the thinking/approach outlined in the Notes, based on the Service Provider’s  experience in cybersecurity and propose an alternative approach if  appropriate, quantifying cybersecurity related investments for each project  type in different sectors and provide a methodology that could be applicable  also to other financiers and project promoters, and confirm quantified  figures through a targeted project promoter engagement, which will be managed  by the Bank and by one or two other potential financing institution.