European small and medium-sized enterprises (SMEs) facing new cybersecurity requirements under the EU’s Cyber Resilience Act (CRA) can now apply for financial support through the SECURE project. Launched at the end of January 2026, the initiative offers funding of up to €30,000 per company to assist businesses prepare for the upcoming regulations. This support is particularly crucial for manufacturers, especially those in the machine and plant engineering sectors, who may lack the internal resources and budget to navigate the complex compliance process.
The SECURE project, formally known as Strengthening EU SMEs Cyber Resilience, is funded under the Digital Europe Programme. The first application window is open until March 29, 2026, providing a limited timeframe for eligible companies to submit their proposals. The program aims to address a critical gap in the market, as many SMEs recognize the need to comply with the CRA but struggle with the financial and logistical challenges involved.
Understanding the Cyber Resilience Act and SECURE Funding
The EU’s Cyber Resilience Act, expected to be fully implemented by December 2027, will introduce mandatory cybersecurity standards for hardware and software products throughout their entire lifecycle – from design and development to maintenance. The SECURE project is designed to help businesses, particularly smaller ones, proactively prepare for these new obligations and enhance their technical security standards. The IHK Region Stuttgart, a chamber of commerce and industry, is promoting the program to its members, highlighting the importance of early preparation.
The funding available through SECURE takes the form of a co-financing arrangement, covering 50% of eligible costs up to a maximum of €30,000 per company. A total of €5 million is available in this initial round of funding, and projects can run for a maximum of 180 days. A key feature of the program is its simplified “lump-sum” accounting model, which avoids the need for detailed cost documentation, streamlining the application and reporting process.
What Activities are Covered by the SECURE Grant?
The SECURE project offers a broad range of support, encompassing various activities designed to bolster cybersecurity preparedness. These include:
- Compliance Consulting: Gap analyses to identify vulnerabilities, assistance with conformity assessments, and the development of cybersecurity policies and procedures.
- Technical Security Measures: Vulnerability assessments, penetration testing, source code analysis, and product hardening.
- Governance and Risk Management: Establishing internal processes for incident detection, vulnerability disclosure, risk assessments, and supply chain security.
- Training: Awareness training and professional development for employees on product security and CRA requirements.
- Procurement: Funding for external services and tools necessary to achieve security objectives.
Essentially, the program supports almost any measure that contributes to a company’s ability to meet the requirements of the CRA. The funding can be used to address a wide spectrum of cybersecurity needs, making it a valuable resource for SMEs of all sizes.
How to Apply for SECURE Funding
The application process is entirely online and involves three key steps: reviewing the information and documentation available on the official SECURE website, creating a personal account on the platform, and submitting the project proposal through the electronic form. The IHK Region Stuttgart provides guidance and support to companies navigating the application process. Interested companies are encouraged to register on the SECURE portal to begin their application.
The program’s streamlined approach, with its lump-sum payment model and focus on practical measures, aims to make it as accessible as possible for SMEs. This is a significant step towards ensuring that businesses of all sizes can meet the challenges of the evolving cybersecurity landscape and comply with the upcoming CRA regulations.
The deadline for applications in this first round is March 29, 2026. Companies are encouraged to begin the application process as soon as possible to maximize their chances of securing funding. Further information and support are available through the IHK Region Stuttgart and the official SECURE website.
As the Cyber Resilience Act draws closer to full implementation, initiatives like SECURE are vital for supporting European SMEs in strengthening their cybersecurity posture. The next key date for the SECURE project is the application deadline, after which the evaluation process will begin, and successful applicants will be notified.
Have your say! Share your thoughts on the SECURE project and the Cyber Resilience Act in the comments below. Don’t forget to share this article with colleagues and businesses who may benefit from this funding opportunity.
