Cybersecure tools, technologies and services relying on AI

The EU grant opportunity titled "DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI" falls under the Digital Europe Programme and aims to enhance strategic cyber capabilities across Europe through AI-based technologies. This opportunity particularly focuses on developing and deploying AI-powered cybersecurity tools and systems for national and cross-border Cyber Hubs, Computer Security Incident Response Teams (CSIRTs), and relevant authorities. The auto-identified objectives include improving threat detection, vulnerability management, incident response, and enhancing collaboration through Cyber Threat Intelligence (CTI).

Eligible applicants include a range of entities such as tool and service providers, Cyber Hubs, governmental and national authorities, research institutions, private entities under the NIS 2 directive, and public administrations, either as individual applicants or as part of a consortium. The call specifically encourages partnerships between tool/service providers and Cyber Hubs.

The funding mechanism is structured as direct, non-repayable grants, classified as "DIGITAL JU Simple Grants," with a grant range between €3 million and €5 million aiming for a total budget of €15 million allocated for approximately four projects under this topic. Applications will be accepted in a single-stage process, set to open on October 28, 2025, with a submission deadline of March 31, 2026.

Projects must comply with EU regulations such as the AI Act and GDPR, ensuring the development of secure and trustworthy AI solutions. A co-funding model is generally implied, with estimates suggesting that up to 50% of costs may need to be covered by the beneficiaries. The expected success rate for applications is projected to be in the range of 10-25%, reflecting intense competition within this niche.

Overall, this grant provides an invaluable opportunity for stakeholders in cybersecurity to develop advanced, deployable technologies that enhance Europe's cybersecurity infrastructure, focusing on ethical implementation and robust compliance with EU legislation. Successful proposals will need to demonstrate innovative applications of AI in cybersecurity, effective consortium collaboration, and a clear path toward operational deployment.

This EU grant opportunity, DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI, falls under the Digital Europe Programme (DIGITAL) and aims to deploy strategic cyber capabilities across Europe. It is a DIGITAL JU Simple Grant with a DIGITAL Action Grant Budget-Based [DIGITAL-AG] type of Model Grant Agreement (MGA). The deadline model is single-stage. The planned opening date is 28 October 2025, and the deadline date is 31 March 2026, 17:00:00 Brussels time.

The main objective of this grant is to promote the deployment of Artificial Intelligence (AI) and various AI-powered technologies as enablers for Cyber Hubs, CSIRTs, NCSCs, NIS SPOCs, and other relevant entities. The expected outcomes include:

Deployment of AI technologies for Cyber Hubs, CSIRTs, NCSCs, NIS SPOCs, and others.
Development of novel cybersecurity tools based on AI, tested and validated, and made available to relevant entities.
Enhanced information sharing and collaboration among stakeholders, supported by Cyber Threat Intelligence (CTI) produced by AI-powered tools.
Tools for automating cybersecurity processes, such as CTI creation, analysis, and processing, to enhance Cyber Hub operations.
Creation of original European CTI feeds or services.
Implementation of advanced and innovative secure AI solutions for Network and Information Security (NIS) sectors.
Development of secure AI solutions and tools that comply with EU legislation.
Promotion of risk mitigation related to AI misuse, focusing on AI ethics and secure deployment.
Contribution to the standardization and certification of cybersecure, trustworthy AI technologies.

The scope of this grant involves developing and deploying systems and tools for cybersecurity based on AI technologies, addressing aspects such as:

Threat detection
Vulnerability detection
Threat mitigation
Incident recovery through self-healing
Data analysis
Data sharing

All activities must comply with Intellectual Property Rights (IPR) and the General Data Protection Regulation (GDPR). The AI solutions proposed must also be cybersecure.

Activities should include at least one of the following:

Continuous detection of patterns and identification of anomalies that can potentially indicate emerging threats, recognizing new attack vectors and enabling advanced detection in an evolving threat landscape, including in ICT or in Operational Technology infrastructures using open technologies.
Creation of CTI based on novel threat detection capabilities.
Enhancing speed of incident response through real-time monitoring of networks to identify security incidents and generating alerts or triggering automated responses.
Mitigating malware threats by analysing code behaviour, network traffic, and file characteristics, reducing the window of opportunity for attackers to exploit malware.
Identification of vulnerabilities and support for management considering multiple sources of information.
Cybersecure tools and solutions that provide risk-reduction in the crossover between AI, IoT and smart grids or other manufacturing chains.
Support for recovery from incidents through self-healing capacities.
Reducing the chances of attacks and pre-emptively identifying weaknesses through automated vulnerability scanning and penetration testing.
Protecting business sensitive data through the analysis of access patterns and detection of abnormal behaviour.
Enabling organisations to leverage and share CTI and other actionable information for analysis and insights without compromising data security and privacy, through anonymisation.
Tools and solutions that provide product security or cybersecurity by design/default in line with CRA requirements.

Tool and service providers are welcome to apply for this topic, also when in a consortium with Cyber Hubs. Links with stakeholders in the area of High-Performance Computing should be made where appropriate, as well as activities to foster networking with such stakeholders. In well justified cases, access requests to the EuroHPC high performance computing infrastructure could be granted.

The systems, tools, and services developed under this topic will be made available for licensing to National and/or Cross-Border Cyber Hubs platforms, CSIRTs, competent authorities, and other relevant authorities under favorable market conditions.

These actions aim at providing AI-powered cybersecurity capabilities for National and/or Cross-Border Cyber Hubs and for national authorities encompassing Cyber Hubs, CSIRTs, which occupy a central role in ensuring the cybersecurity of national authorities, providers of critical infrastructures and essential services. These entities are tasked with monitoring, understanding and proactively managing cybersecurity threats. In light of their crucial operative role in ensuring cybersecurity in the Union, the nature of the technologies involved as well as the sensitivity of the information handled, Cyber Hubs must be protected against possible dependencies and vulnerabilities in cybersecurity to pre-empt foreign influence and control.

Tools to protect and secure AI solutions in line with the EU legislative framework and considering integration of requirements for robustness, performance, trust and balanced AI autonomy.

Contribute to the cybersecurity certification of AI-driven cybersecurity solutions and systems. The primary objective of cybersecurity certification for AI systems within the EU is twofold: to mitigate cybersecurity risks inherent in AI technologies and to demonstrate compliance with the EU’s comprehensive legislative framework, including the AI Act. By establishing a standardised, transparent, and rigorous certification process, the EU seeks to foster trust in AI technologies among users, developers, and regulators alike.

The admissibility conditions include proposal page limits and layout, which are described in section 5 of the call document and Part B of the Application Form available in the Submission System. Eligible countries are described in section 6 of the call document, as are other eligible conditions. Financial and operational capacity and exclusion are described in section 7 of the call document. The submission and evaluation processes are described in section 8 of the call document and the Online Manual. Award criteria, scoring, and thresholds are described in section 9 of the call document. The indicative timeline for evaluation and grant agreement is described in section 4 of the call document. The legal and financial setup of the grants is described in section 10 of the call document.

The budget overview for the year 2025 includes:

DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CABLEHUBS: 10,000,000 EUR, with contributions around 3,000,000 EUR and an indicative number of 4 grants.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-COORDPREP: 10,000,000 EUR, with contributions around 1,500,000 EUR and an indicative number of 6 grants.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI: 15,000,000 EUR, with contributions from 3,000,000 to 5,000,000 EUR and an indicative number of 4 grants.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-UPTAKE: 15,000,000 EUR, with contributions around 3,000,000 EUR and an indicative number of 5 grants.

Applicants can search for partners to collaborate on this topic. LEARs, Account Administrators, or self-registrants can publish partner requests for open and forthcoming topics. The submission system is planned to be opened on the date stated on the topic header.

For guidance and support, applicants are encouraged to contact the National Cybersecurity Coordination Centres (NCC) in their country or the ECCC Applicants Direct Contact Centre.

In summary, this grant opportunity focuses on enhancing cybersecurity across Europe by deploying AI-based technologies and tools. It aims to strengthen the capabilities of Cyber Hubs, CSIRTs, and other relevant entities in threat detection, vulnerability management, incident response, and data analysis. The projects should comply with EU regulations, promote secure and trustworthy AI solutions, and contribute to the standardization and certification of AI-driven cybersecurity systems. The call encourages collaboration among stakeholders, including tool providers, Cyber Hubs, and High-Performance Computing facilities, to develop and deploy innovative cybersecurity solutions that can be licensed under favorable market conditions.

Eligible Applicant Types: The eligible applicant types for this opportunity include national authorities, competent authorities, National and Cross-Border Cyber Hubs, CSIRTs (Computer Security Incident Response Teams), public bodies, and private entities from the NIS 2 directive, and NCCs (National Coordination Centres). Tool and service providers are also welcome to apply, especially in consortium with Cyber Hubs.

Funding Type: The funding type for this opportunity is a grant, specifically DIGITAL JU Simple Grants and DIGITAL JU SME Support Actions.

Consortium Requirement: The opportunity encourages consortia, especially between tool/service providers and Cyber Hubs, but does not explicitly exclude single applicants. Therefore, it can be considered that either a single applicant or a consortium is acceptable.

Beneficiary Scope (Geographic Eligibility): The geographic eligibility includes the 27 EU Member States, Iceland, and Norway, as these are the countries with National Cybersecurity Coordination Centres (NCCs) included in the Network of NCCs.

Target Sector: The target sector is cybersecurity, with a focus on AI-based technologies, including generative AI, and their application in enhancing cyber threat intelligence, detection, prevention, and incident response. It also touches upon ICT, Operational Technology infrastructures, IoT, smart grids, and manufacturing chains.

Mentioned Countries: The mentioned countries are the 27 EU Member States, Iceland, and Norway.

Project Stage: The expected maturity of the project for this opportunity is deployment, as the call aims to develop and deploy systems and tools for cybersecurity based on AI technologies. The projects should have moved beyond the initial research phase and be ready for implementation and validation in relevant conditions.

Funding Amount: The funding amounts vary depending on the specific topic within the call:
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CABLEHUBS: Approximately €3,000,000 per grant, with a total budget of €10,000,000.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-COORDPREP: Approximately €1,500,000 per grant, with a total budget of €10,000,000.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI: €3,000,000 to €5,000,000 per grant, with a total budget of €15,000,000.
DIGITAL-ECCC-2025-DEPLOY-CYBER-09-UPTAKE: Approximately €3,000,000 per grant, with a total budget of €15,000,000.

Application Type: The application type is an open call with a single-stage submission process.

Nature of Support: The beneficiaries will receive money in the form of grants to develop and deploy cybersecurity systems and tools based on AI technologies.

Application Stages: The application process consists of a single stage.

Success Rates: The success rates cannot be determined from the provided text.

Co-funding Requirement: The text does not explicitly state whether co-funding is required.

Summary:

This opportunity, under the Digital Europe Programme, focuses on deploying strategic cyber capabilities across Europe by leveraging AI-based technologies. The call DIGITAL-ECCC-2025-DEPLOY-CYBER-09-CYBERAI specifically targets the development and deployment of AI-powered cybersecurity tools and systems for national and cross-border Cyber Hubs, CSIRTs, and other relevant authorities. The goal is to enhance their ability to detect, prevent, and respond to cyber threats effectively. The call encourages the development of novel cybersecurity tools, improved information sharing, automation of cybersecurity processes, and the creation of original European Cyber Threat Intelligence (CTI) feeds. Projects should ensure the security of AI solutions, comply with EU legislation like the AI Act and GDPR, and contribute to the standardization and certification of cybersecure AI technologies. Eligible applicants include national and competent authorities, Cyber Hubs, CSIRTs, public bodies, private entities from the NIS 2 directive, NCCs, and tool/service providers, particularly in consortium with Cyber Hubs. The funding is provided through DIGITAL JU Simple Grants, with individual grants ranging from €3,000,000 to €5,000,000, and the application process involves a single-stage submission. The call aims to strengthen the European cybersecurity ecosystem by providing advanced AI-powered capabilities to key cybersecurity actors, ensuring their protection against dependencies and vulnerabilities, and promoting the development of trustworthy and secure AI solutions. The opening date is planned for October 28, 2025, and the deadline for submission is March 31, 2026.