European small and medium-sized enterprises (SMEs) can now access funding to bolster their cybersecurity defenses and prepare for the upcoming EU Cyber Resilience Act (CRA). The EU-funded SECURE project, launched on January 28, 2026, is offering co-financing of up to €30,000 to eligible companies. This initiative aims to help businesses navigate the new, mandatory cybersecurity requirements for hardware and software products set to be implemented by December 2027.
The CRA will introduce binding cybersecurity standards throughout the entire lifecycle of products – from design and development to maintenance. The SECURE project, part of the broader Digital Europe Programme, specifically targets smaller businesses that may lack the resources to independently meet these evolving demands. The initial funding round makes a total of €5 million available to support SMEs in strengthening their technical security standards and achieving CRA compliance.
What Does the SECURE Funding Cover?
The SECURE project offers financial support for a wide range of activities designed to enhance cybersecurity and prepare for the CRA. Eligible measures include compliance consulting – such as gap analyses and support with conformity assessments – as well as technical security measures like vulnerability assessments, penetration testing and source code analysis. Funding can likewise be used for governance and risk management improvements, employee training, and the procurement of necessary tools and services. Essentially, the program aims to cover “nearly all measures” that contribute to CRA readiness, according to reports.
Specifically, the funding can be applied to:
- Compliance-Beratung: Gap-Analysen, Unterstützung bei der Konformitätsbewertung, Aufbau von Richtlinien und Prozessen
- Technische Sicherheitsmaßnahmen: Vulnerability Assessments, Penetrationstests, Source-Code-Analysen, Absicherung von Produkten
- Governance und Risikomanagement: Interne Prozesse für Incident Detection, Vulnerability Disclosure, Risikobewertungen, Supply-Chain-Security
- Schulungen: Awareness-Trainings und Weiterbildung für Mitarbeiter zu Produktsicherheit und CRA-Anforderungen
- Beschaffung: Externe Dienstleistungen und Tools, die zur Erreichung der Sicherheitsziele notwendig sind
How to Apply for SECURE Funding
The application process is entirely online and involves three key steps: reviewing information and documentation on the official SECURE website, creating a personal account on the platform, and submitting the project proposal through an electronic form. The first open call for applications is open from January 28th to March 29th, 2026. The funding operates on a lump-sum model, meaning companies receive a fixed amount without needing to provide detailed cost breakdowns.
The program offers a co-financing rate of 50% of eligible costs, with a maximum grant of €30,000 per company. Projects can run for a maximum of 180 days. The cyber-regulierung.de website highlights the program’s streamlined approach to funding, making it more accessible for SMEs.
The Importance of the Cyber Resilience Act
The EU’s Cyber Resilience Act represents a significant shift in cybersecurity regulation. As noted by plattformindustrie40.at, the CRA establishes new, binding standards for the cybersecurity of digital products. This impacts manufacturers across various sectors, particularly those in machinery and plant engineering, who may struggle to meet the requirements without financial and technical assistance. The SECURE project is designed to bridge this gap and ensure that European SMEs can confidently navigate the changing cybersecurity landscape.
The SECURE project – Strengthening EU SMEs Cyber Resilience – is a European initiative designed to financially support European SMEs in implementing the Cyber Resilience Act (CRA).
As the deadline for CRA compliance approaches in December 2027, initiatives like SECURE will be crucial in ensuring a secure and resilient digital ecosystem for businesses across the EU. The availability of funding and support will empower SMEs to proactively address cybersecurity risks and maintain consumer trust.
Share your thoughts on the SECURE project and the impact of the CRA in the comments below.