Uptake of innovative cybersecurity solutions for SMEs is sponsored by European Commission — Digital Europe Programme. This grant supports the development of a cyber toolkit as a service to help SMEs manage cyber risks, define, and implement their cybersecurity strategy.

The toolkit should include interfaces to existing SaaS applications, functionality for mapping digital assets and vulnerabilities, risk assessment and management, and alerts on threats.

Digital Europe Programme (DIGITAL) DIGITAL-JU-SME DIGITAL JU SME Support Actions DIGITAL Action Grant Budget-Based [DIGITAL-AG] 31 March 2026 17:00:00 Brussels time The development of a cyber toolkit as a service to support SMEs managing cyber risks, defining, and implementing their cybersecurity strategy.

The toolkit could include at least one of the following: * Interfaces that will connect to existing SaaS applications such as HR, invoice and financial management, CRM and accounting systems, etc., which are often used by SMEs for increasing their cybersecurity.

* A functionality that enables the mapping and maintenance of an SME’s digital assets and possible vulnerabilities by interfacing with other SaaS applications that manage an asset inventory and data repositories. * A function that supports the assessment and management of an SME’s cybersecurity risks and of supply chain risk management.

This function should perform a risk assessment, provide recommendations for risk mitigation, and identify options. * An interface to existing tools that support the analysis and assessment of the extent of an SME’s cyber risk based on information gathered from digital infrastructure scanning and data provided by authorised users.

* A function that issues alerts on vulnerabilities and threats based on the information collected by the risk management function. * A function that connects SMEs to a CSIRT or a Cyber Hub to report an incident and assist with recovery if possible. * A mapping and one-stop window/portal to existing tools and solutions targeting cybersecurity support to SMEs.

* Tools supporting detection, prevention and response in Operational Technology infrastructures using open standards or technologies. Support and incident response capabilities to SMEs: * Non-commercial cybersecurity hotline with a standardised framework and guidelines for response times, escalation procedures, and the scope of assistance provided.

* A fully operational, multilingual helpline that provides timely and accurate cybersecurity assistance to SMEs, leading to reduced successful cyber scams and improved digital hygiene. * A National Cyber Response Platform for first cyber responders to exchange their experiences, share relevant news and engage discussions regarding challenges and emerging cyber threats complementary to existing cyber crisis management structures.

* Specialised training modules for first (public and private) responders’ services targeting different sectors such as healthcare, finance, energy, and transportation. Support tools and platforms: * Control Centre and Panel on Incident Reporting and dispatching of incident responders. * SME user interface for Incident reporting associated with the cyber toolkit.

Users can report an incident, get instructions on how to react and obtain information on how to receive support for the response. An AI assistant connected to a Control Centre could also be included. * Interfaces with the National Authorities and Cross-Border Platforms (CBPs) for incident notification and information sharing.

The action aims at improving industrial and market readiness for the cybersecurity requirements for SMEs as specified in relevant EU cybersecurity legislation, for instance, as set in the Cyber Resilience Act ensuring more secure hardware and software products.

Proposals should contribute to achieving at least one of these objectives: * Availability of innovative tools and services that support SMEs in complying with the EU cybersecurity legislation.

* Availability of innovative tools and services that support SMEs in reporting incidents and in assisting with recovery if possible, and in exchanging with competent authorities (i.e. cooperation with Cyber Hubs, CSIRTs (including in relation to the CSIRT Network) and/or ISACs, for e.g. highly critical and other critical sectors entities). * Improved security and notification processes and means in the EU.

* Improved security of network and information systems in the EU. * Industrial and market readiness for the proposed Cyber Resilience Act. * Support for Cybersecurity certification in line with the Cybersecurity Act.

* Support for supply chain partners in standardised self-assessments and certifications. Helping downstream supply chain partners in a step-by-step approach to increase cyber resilience. * Overcome the challenge of finding the technical skills required to deal with a complex technology landscape that relies heavily on extensive configurations and capabilities.

* Cyber toolkit as a service to support for SMEs 1 managing cyber risks, defining, and implementing their cybersecurity strategy, including several functions dedicated to risk assessment, vulnerabilities and threats detection, etc. * Support and incident response capabilities to SMEs. 1 _Cybersecurity guide for SMEs - 12 steps to securing your business, ENISA, 2021, available at: https://www. enisa.

europa. eu/publications/cybersecurity-guide-for-smes. _ The action will focus on supporting at least one of the priorities listed under Expected Outcomes section.

The submission session is now available for: DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CABLEHUBS, DIGITAL-ECCC-2025-DEPLOY-CYBER-09-UPTAKE, DIGITAL-ECCC-2025-DEPLOY-CYBER-09-COORDPREP, DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI #### 1. Admissibility Conditions: Proposal page limit and layout described in section 5 of the call document.

**Proposal page limits and layout:** described in Part B of the Application Form available in the Submission System. **Searches of partners to collaborate on this topic** LEARs, Account Administrators or self-registrants can publish partner requests for open and forthcoming topics after logging into this Portal, as well as any user having an active public Person profile.

To access the Electronic Submission Service, please click on the submission-button next to the **type of action** and the **type of model grant agreement** that corresponds to your proposal. You will then be asked to confirm your choice, as it cannot be changed in the submission system. Upon confirmation, you will be linked to the correct entry point.

To access existing draft proposals for this topic, please login to the Funding & Tenders Portal and select the My Proposals page of the My Area section. **Please select the type of your submission:** DIGITAL JU SME Support Actions [DIGITAL-JU-SME], DIGITAL Action Grant Budget-Based [DIGITAL-AG] Please read carefully all provisions below before the preparation of your application.

For guidance and support related to this call, we recommend that you first contact the National Cybersecurity Coordination Centres (NCC) in your country, where available. The Network of NCCs includes one national centre from each of the 27 EU Member States plus Iceland and Norway. You may also address your questions to the ECCC Applicants Direct Contact Centre at applicants@eccc.

europa. eu . Funding & Tenders Portal FAQ – Submission of proposals.

IT Helpdesk – Contact the IT helpdesk for questions such as forgotten passwords, access rights and roles, technical aspects of submission of proposals, etc. Online Manual – Step-by-step online guide through the Portal processes from proposal preparation and evaluation to reporting on your ongoing project. Valid for all 2021-2027 programmes.