โ—† TenderMetric Intelligence Team ยท Last Reviewed: April 2026 ยท Sources: TED Europa ยท EU Publications Office ยท European Commission
โ—† EU Procurement Intelligence โ€” Key Facts
  • โœ“ The EU public procurement market is worth โ‚ฌ2 trillion+ annually โ€” approximately 14% of EU GDP
  • โœ“ TED Europa publishes 700,000+ contract notices per year across all 27 EU member states
  • โœ“ EU procurement thresholds in 2026: โ‚ฌ143,000 (supplies/services, central) ยท โ‚ฌ5.538M (works)
  • โœ“ Open procedures account for ~67% of all above-threshold EU contracts โ€” the most accessible route for new bidders
  • โœ“ All above-threshold contracts must be published in the Official Journal of the EU (OJEU) under Directive 2014/24/EU
โ† Back to Insights
Reference TM-INS-081 // MARCH 2026

Cybersecurity CPV Codes: Complete Reference for EU Procurement 2026

Summary

Common Procurement Vocabulary (CPV) codes are the EU's standardised classification system for public procurement, used across all 27 member states and by EU institutions on TED (Tenders Electronic Daily). For cybersecurity vendors, understanding the full CPV landscape is essential for monitoring opportunities systematically โ€” a single missed code family can mean overlooking hundreds of relevant contracts per year. This reference guide provides a complete catalogue of CPV codes relevant to cybersecurity procurement, explains how the CPV system works, covers how to configure TED alerts, and identifies the highest-volume codes and emerging codes to watch in 2026.

How CPV Codes Work

CPV codes are 8-digit numerical codes with a check digit, organised into a hierarchical taxonomy. The structure is: Division (first 2 digits) โ†’ Group (first 3 digits) โ†’ Class (first 4 digits) โ†’ Category (first 5 digits) โ†’ Sub-category (all 8 digits). For example, the code 72212730 breaks down as: 72 (IT services division) โ†’ 722 (software programming group) โ†’ 7221 (application software programming class) โ†’ 72212 (programming services category) โ†’ 72212730 (security software development).

Contracting authorities choose CPV codes to classify their procurement notice. For cybersecurity, there are two problems: the CPV taxonomy was last significantly revised in 2008, predating cloud computing, EDR, SIEM, and many current security concepts; and procurement officers often use broad parent codes (e.g., 72000000 โ€” IT services) rather than specific security subcodes. This means relying on CPV codes alone will miss many relevant contracts. Effective monitoring requires CPV codes combined with keyword searching in contract titles and descriptions.

Security Software CPV Codes

  • 48730000 โ€” Security software package (top-level code for security software)
  • 48731000 โ€” Security management software package
  • 48732000 โ€” Data security software package
  • 48761000 โ€” Anti-virus software package
  • 48900000 โ€” Miscellaneous software packages and computer systems
  • 72212730 โ€” Security software development services
  • 72212517 โ€” IT software development services (security applications)
  • 72212480 โ€” Sales, inventory and distribution software development services (sometimes misused for security tools)

Security Services CPV Codes

  • 72220000 โ€” Systems and technical consultancy services (penetration testing, security architecture, NIS2 consulting)
  • 72222300 โ€” Information technology services (broad security services)
  • 72700000 โ€” Computer network services (network security, SOC, managed detection)
  • 72315000 โ€” Data network management and support services (network security management)
  • 72250000 โ€” System and support services (managed security services, MSSP)
  • 72300000 โ€” Data services (data security, data classification)
  • 72600000 โ€” Computer support and consultancy services (security support)
  • 72212000 โ€” Programming services for application software (security development)

Audit and Compliance CPV Codes

  • 79212000 โ€” Auditing services (security audits, ISO 27001 assessments, NIS2 compliance audits)
  • 79212100 โ€” Internal audit services
  • 79212300 โ€” Statutory audit services
  • 79131000 โ€” Documentation services (data mapping, RoPA, policy documentation)
  • 79100000 โ€” Legal services (data protection legal advice, DPO services)
  • 73000000 โ€” Research and development services (cybersecurity research, threat intelligence studies)

Hardware and Infrastructure CPV Codes

  • 35120000 โ€” Surveillance and security systems and devices (security hardware appliances)
  • 32420000 โ€” Network equipment (firewalls, switches, routers)
  • 32422000 โ€” Network components
  • 35125300 โ€” Security cameras (CCTV โ€” physical security, sometimes paired with cybersecurity)
  • 30200000 โ€” Computer equipment and supplies (secure computing hardware)
  • 32000000 โ€” Radio, television, communication, telecommunication and related equipment

Training and Education CPV Codes

  • 80533100 โ€” Computer training services (cybersecurity awareness, technical security training)
  • 80000000 โ€” Education and training services
  • 80510000 โ€” Specialist training services (advanced security qualifications)
  • 80531000 โ€” Technical and vocational training services
  • 80570000 โ€” Personal development training services (CISO/executive security training)

Setting Up TED Alerts by CPV Code

TED's alert system (ted.europa.eu) allows you to save searches and receive email notifications when matching notices are published. To set up effective cybersecurity CPV monitoring:

  • Create an account on TED and access the "My TED" section
  • Use the Expert Search to combine multiple CPV codes with OR operators
  • Add keyword filters for your specific services to refine results
  • Filter by country if you are focused on specific member states
  • Set notification frequency to daily for fast-moving opportunities
  • Supplement TED alerts with national procurement portal alerts (BOAMP in France, Vergabe.de in Germany, TenderNed in Netherlands) where pre-threshold contracts are published

A recommended starting CPV alert set for cybersecurity: 48730000, 48761000, 72220000, 72222300, 72700000, 79212000, 80533100, 35120000, 32420000 โ€” covering the major code families across software, services, audit, training, and hardware.

Most Active Codes by Volume and Codes to Watch in 2026

Highest volume cybersecurity codes in 2025 (by number of TED notices): 72222300, 72220000, 72700000, 48730000, 79212000 โ€” broad service and consultancy codes that capture the majority of security contract activity.

Codes to watch in 2026: 72212730 (security software development โ€” rising with NIS2-driven custom development), 80533100 (security awareness training โ€” driven by NIS2 Article 20 mandate), 73000000 (R&D services โ€” ENISA and national cybersecurity agency research procurement), 79131000 (documentation services โ€” GDPR and NIS2 policy and records work). The hardware codes 35120000 and 32420000 are also trending upward as government network security refresh cycles accelerate.

For the most granular market intelligence, use TenderMetric's alert service to monitor all relevant CPV codes and keywords simultaneously across TED and all major national portals, ensuring no relevant opportunity is missed regardless of how a contracting authority has chosen to classify their requirement.

End of Briefing // TenderMetric Intelligence Systems โ€” TM-INS-081

Related Articles

Sector Guide
EU Cybersecurity Tenders 2026: How to Win Government Security Contracts
Getting Started
OJEU Explained
Sector Guide
EU IT Services Tenders 2026
โ—†
TenderMetric Intelligence Team
EU Procurement Research & Analysis ยท Last updated April 2026
Analysis compiled from TED Europa (Official Journal of the EU), European Commission procurement data, and CPV code classifications. TenderMetric tracks 10,000+ active EU procurement notices across all 27 member states, updated daily from the TED open data feed.
Get Weekly EU Tender Alerts
New tenders from TED Europa across all 27 EU member states โ€” every Monday. Free forever.
โ—† EU Procurement Intelligence at a Glance
10K+
Active tenders tracked
27
EU member states
โ‚ฌ2T+
Annual market value
Daily
Data refresh from TED
โ—† EU Contract Value Distribution (above-threshold)
Works contracts (construction, infrastructure) ~52%
Services contracts (IT, consulting, healthcare) ~35%
Supplies contracts (equipment, goods) ~13%
SME award rate (% of contracts to SMEs) ~45%
Source: European Commission Public Procurement Statistics โ€” approximate figures based on TED Europa data.
โ—† EU Procurement Lifecycle (Open Procedure)
Day 1
Contract Notice Published (TED)
Day 1โ€“35
Tender Preparation & Submission
Day 35โ€“70
Evaluation & Clarifications
Day 70โ€“85
Standstill Period (10 days)
Day 85
Contract Award Decision
Day 90+
Contract Signature & Start
Timeline is indicative. Open procedure minimum: 35 days from publication to submission deadline (Directive 2014/24/EU).
โ—†
About the Author
TenderMetric Research Team
EU Procurement Intelligence Specialists ยท tendermetric.com
Our analysts monitor 10,000+ EU procurement notices daily across construction, IT, healthcare, defense, and energy sectors. All data sourced from TED Europa and the EU Publications Office.
๐Ÿ“‹ 10K+ tenders tracked ๐Ÿ‡ช๐Ÿ‡บ 27 member states ๐Ÿ”„ Updated: April 2026
โ—† Common Questions About EU Procurement
What is TED Europa and where do EU tenders come from? +
TED (Tenders Electronic Daily) is the online version of the Supplement to the Official Journal of the EU, published by the EU Publications Office. It publishes procurement notices above EU thresholds from all 27 member states, EU institutions, and affiliated bodies โ€” approximately 700,000+ notices per year. TenderMetric aggregates and enriches this data daily.
What are the EU procurement thresholds in 2026? +
For 2026โ€“2027, the EU procurement thresholds are: โ‚ฌ143,000 for supplies and services by central government authorities; โ‚ฌ221,000 for supplies and services by sub-central authorities; โ‚ฌ5,538,000 for works contracts. Utilities and defence sectors have separate thresholds. Contracts above these values must be published on TED.
Can non-EU companies bid on EU public tenders? +
Third-country participation depends on international agreements. Countries covered by the WTO Government Procurement Agreement (GPA) โ€” including the US, UK, Canada, Japan, and others โ€” generally have access to EU tenders above GPA thresholds. Countries without GPA coverage may be excluded from specific lots. Always check the contract notice for nationality restrictions.
What is an ESPD and is it required? +
The European Single Procurement Document (ESPD) is a self-declaration form used across the EU as preliminary evidence of a bidder's suitability. It replaces multiple national certificates at the tender stage โ€” you only need to submit the actual certificates if you win. The ESPD is mandatory for all above-threshold EU procurements and can be completed via the eESPD online service.
How can SMEs compete for EU public contracts? +
SMEs win approximately 45% of EU public contracts by value. Key strategies: focus on lots (contracting authorities must divide large contracts into lots where feasible); form consortia with complementary firms; target sub-central authorities (municipalities, regions) where competition is lower; use framework agreements as a stepping stone to larger contracts. The ESPD simplifies the qualification process specifically to reduce SME burden.
Browse Active EU Tenders
By Sector: Construction IT Services Healthcare Engineering Energy Environment Education Defense Software Transport R&D Finance
By Country: Germany France Italy Spain Poland Netherlands Belgium Sweden Austria Greece Portugal Czech Republic