On 28 January 2026, the SECURE project has launched a first round of financial support measures to help small businesses achieve compliance with new cybersecurity requirements for their hardware and software products.

This will allow micro, small and medium enterprises (MSMEs) to request co-funding to strengthen the cybersecurity of their hardware and software products to ensure compliance with the EU Cyber Resilience Act (CRA).

As part of the first round of financial support measures offered by the SECURE project, MSMEs may request a maximum of EUR 30.000 co-funding for certain activities, such as

• Regulatory compliance activities, such as audits, assistance in preparing certifications, and policy
  definition
• Product-related technological and security requirements upgrading, through activities such as
  vulnerability assessment and penetration testing, source code analysis, and application security.
• Upgrading of technological and security requirements of production infrastructures, including
  cybersecurity, information security, ICT, IT, and OT resilience activities. 
• Fulfilling internal governance and risk management requirements, such as internal procedures,
  incident detection, management and notification processes, risk and impact assessments, supply
  chain security and product maintenance and updating plans.
• Awareness raising and training activities on products and cyber security.
• Procurement of material goods and professional services that are instrumental to achieving the
  required security standards

Deadline to submit requests is 29 March 2026. More information on this first call can be found on the project website. 

Background:

The CRA introduces mandatory cybersecurity requirements for manufacturers, covering the planning, design, development and maintenance of such products. The CRA will start to apply on 11 December 2027.