Cybersecurity Funding Program for SMEs & Hospitality Sector 2025

The Office of the Commissioner of Communications – Digital Security Authority (DSA), as the National Cybersecurity Coordination Centre (NCC-CY), in collaboration with the Research and Innovation Foundation (RIF), have opened the submissions for 2 new funding schemes under the Programme “Enhancing Cybersecurity for Small and Medium Enterprises (SMEs) in the Hospitality Sector, 2025” with a total budget of €2.5 million.

We’re thrilled to enlist our team of cybersecurity engineers to support current & prospective clients on how they can leverage these funding opportunities to build stronger defences for safer business.

Now is the time to assess your cybersecurity posture, define your gaps and goals, train your team and adopt a cybersecurity plan that protects your network, infrastructure, apps and data. It’s also a great opportunity to get ISO certified or add to your existing certifications.

Get started now to submit your application by November’s deadline to receive funding for up to 70% of your investment.

Contact Us

Who Qualifies:

• SMEs:
• Small: under 50 employees, gross annual income > €10M
• Medium: 50-249 employees, gross annual income > €50M

Ineligible industries:

• Fishery
• Hydroponic farming
• Farming products

Deadline for submissions:

• November 18^th, 2025, 13:00

Funding:

• €20-€65 000 per project
• Up to €75 000 for AR-in-a-Box users*

Contribution:

• Up to 70%

Payment Plan:

• 50% on project start and 50% on project completion

Deadline for project completion:

• 9 months from project start date.

Requirements:

• Appoint trained CISO
• Attend financial project management training
• Project coordinator must attend project management workshop hosted by ΙδΕΚ.
• Undergo GAP analysis
• Certifications: ISO17021 and 27006, for ISO/IEC27001:2013 or ISO/IEC 27001:2022
• Receive 3 independent quotes, each worth €15K +VAT

Recommendations:

• AR-in-a-box adoption (increases funding potential by €10K)

Resources:

• Info Days funding scheme webinar:
• SME scheme: com/Events/sxediaxorigionSMEs)
• Tourism scheme: com/Events/sxediaxorigionTOURISM)
• Submissions: (https://iris.research.org.cy/#!/)
• IRIS Portal: (https://iris.research.org.cy/#/documentlibrary)
• AR-in-a-box (https://www.enisa.europa.eu/topics/awareness-and-cyber-hygiene/ar-in-a-box)
• Program outline (Greek only) for SME and Tourism sector: (https://ncc.cy/en/news/online-info-days-new-funding-schemes-to-enhancing-cybersecurity)

Timeline:

1. Attend Info Days webinar. 
2. Select partner. 
3. Accept quote for GAP analysis & security implementation. 
4. Submit application. 
5. Sign agreement upon application acceptance. 
6. Receive 1^st instalment of 50%. 
7. Conduct GAP analysis. 
8. Implementation of cybersecurity solution(s)-9 months. 
9. Apply for and receive mandatory certifications. 
10. Submit action report -1 month post-implementation. 
11. Submit application for grant settlement-2 months post-implementation. 
12. Upon evaluation, outstanding funding amount is paid. 
13. ΙδΕΚ reserves right to conduct periodic inspections.

Take Action!

Contact us to get started.