Enhancing the Cybersecurity Capabilities of the Domestic SME Sector (SSNS-NCC-HU-FSTP-2026)

Enhancing the Cybersecurity Capabilities of the Domestic SME Sector (SSNS-NCC-HU-FSTP-2026) is a Hungarian national grant managed by the National Coordination Centre under the Digital Europe Programme to strengthen SME cyber resilience. The call has a total budget of €2,000,000, provides grants covering up to 50% of eligible costs and funds procurement of cybersecurity hardware, software and related services. Eligible applicants are micro, small and medium enterprises with at least three closed financial years operating in sectors listed in Annexes 2 or 3 of the Hungarian Cybersecurity Act. Applications must be submitted online via palyazat.gov.hu (EPTK single sign-on) between 8 April 2026 09:00 CEST and 28 May 2026 23:59 CEST.

What it funds

Scope

Grants to strengthen cyber resilience of SMEs through procurement of security hardware, software and related services, and replacement of obsolete components. Examples include endpoint protection (AV, EDR/XDR), firewalls, IDS/IPS/NDR, WAF, Anti-DDoS, backup and recovery, SIEM, MDM, MFA, IAM, DLP, encryption and key management, centralised logging and advanced log analysis, GRC tools; plus testing, SOC services, integration, training and consultancy.

Who can apply:Micro, small and medium enterprises (SMEs) with at least three closed financial years and operating in sectors listed in Annexes 2 or 3 of the Hungarian Cybersecurity Act. Applications are open without territorial restrictions but must meet call-specific eligibility rules ¹.

1. 1Eligible recipients: SMEs (micro, small, medium) with >=3 full financial years and active in statutory sectors
2. 2Eligible activities: purchase of cybersecurity products and licences; procurement of testing, SOC, integration, training and advisory services; replacement of unsupported/obsolete HW/SW
3. 3Funding source and management: Digital Europe Programme plus Hungarian state budget, managed by NCC-HU

Applications are evaluated in stages; eligible applications are scored and funding decisions made in order of score within each stage. Full rules, eligible sectors, cost rules and submission templates are in the official call documents ¹.

Footnotes

1. 1Call documentation, templates and the full call text are published on the NCC-HU portal and the national pályázat site; download and apply via palyazat.gov.hu and consult the call code SSNS-NCC-HU-FSTP-2026 for complete eligibility and application guidance NCC-HU call page

Essential facts and administrative data

Call Title:Enhancing the Cybersecurity Capabilities of the Domestic SME Sector (SSNS-NCC-HU-FSTP-2026). Managing authority: National Coordination Centre Hungary (NCC-HU). Funding source: Digital Europe Programme and the Hungarian State budget under DIGITAL-ECCC-2024-DEPLOY-NCC-06. Call publication date: 2026-03-24. Submission window: 08 April 2026, 09:00 CEST to 28 May 2026, 23:59 CEST. Application channel: online application form via palyazat.gov.hu (e-Government EPTK system) using Single sign-on Interface Login. Budget indicated in the scraped metadata: €2 000 000 (noted as Budget: 2000000). Reference identifiers: Call code SSNS-NCC-HU-FSTP-2026; DIGITAL-ECCC-2024-DEPLOY-NCC-06; Portal reference 46786367/13882 ¹.

Deadline / Key dates:Call published 2026-03-24. Online submission open 2026-04-08 09:00 (CEST) — close 2026-05-28 23:59 (CEST). Applicants must use the EPTK portal via palyazat.gov.hu to submit ¹.

Who can apply and applicant type details

Eligible applicants:Micro, small and medium-sized enterprises (SMEs) only. Eligibility conditions specified in the call text and Hungarian Cybersecurity Act provisions: applicants must have at least three closed financial years (full 365-day accounting years, pre-company phase excluded). Applicants must operate in sectors listed in Annex 2 or Annex 3 of the Hungarian Cybersecurity Act (Act LXIX of 2024). The call text explicitly restricts applicant type to SMEs meeting those two conditions; no public bodies, universities, NGOs, individuals or large enterprises are listed as eligible applicants.

Eligible activities and technical scope

Objective:strengthen cyber resilience and risk management capabilities of domestic SME sector, aligned with ECCC objectives and the Digital Europe Cybersecurity 2025–2027 Work Programme. The call funds acquisition of equipment and intangible assets and procurement of services that increase cyber resilience. Full eligible activity list as reproduced from the call follows.

1. 1Acquisition of hardware and intangible assets to enhance cyber resilience, including replacement of obsolete unsupported hardware or software.
2. 2Endpoint protection solutions (centralised antivirus).
3. 3Advanced endpoint protection and incident detection (EDR, XDR).
4. 4Perimeter protection: firewalls, Web Application Firewalls (WAF), proxies, VPN gateways.
5. 5Network monitoring and intrusion detection (IDS/IPS), Network Detection and Response (NDR), WAF.
6. 6Anti-DDoS solutions and denial-of-service mitigation.
7. 7Data backup and recovery (backup/restore solutions).
8. 8Centralised log collection (log management) and advanced log analysis solutions.
9. 9Security information and event management (SIEM) systems.
10. 10Mobile device management (MDM).
11. 11Multi-factor authentication (MFA).
12. 12Identity and access management (IAM).
13. 13Data loss prevention (DLP).
14. 14Anti-spam and e-mail security solutions.
15. 15Governance, risk and compliance (GRC) tools.
16. 16Encryption and key management solutions.
17. 17Procurement of services: vulnerability testing and assessment, SOC services, cybersecurity training and subscriptions, systems integration (design, implementation, configuration, testing, documentation), and cybersecurity consulting and professional advisory services.

Funding modality and financial rules

Funding type:grant (non‑repayable financial support). The call is managed by NCC-HU using Digital Europe Programme funds co‑financed with the Hungarian State budget. The call explicitly states that financing is State aid within Article 107(1) TFEU and may be implemented under de minimis rules (General de minimis aid, Commission Regulation 2023/2832 referenced).

Budget / Funding amount:Metadata shows a budget value of 2 000 000 (EUR) in the portal metadata. The call text does not publish per‑project award ceilings or typical award ranges in the scraped excerpt; applicants must consult the full call documentation on the NCC-HU and palyazat.gov.hu pages for maximum per‑beneficiary or per‑project amounts ¹.

Consortium rules and project structure

Consortium requirement:single applicants only (SMEs). The call repeatedly frames submission as grant applications from individual micro, small and medium enterprises. The portal metadata and call text indicate single‑applicant submissions — there is no requirement for transnational consortia or multiple partners. Where consortiums are referenced in managing rules (general NCC-HU rules), those are program-level rules; this specific call targets individual SME applicants without territorial restriction within the EU/subject to sector eligibility per Hungarian law.

Geographic and legal eligibility

Beneficiary scope:domestic SME sector as managed by NCC-HU. The call text indicates micro, small and medium-sized enterprises may submit grant applications "without territorial restrictions" but also requires applicants operate in sectors listed in Annexes 2 or 3 of Hungary’s Cybersecurity Act (Act LXIX of 2024). Practical interpretation from the document: SMEs established in Hungary or operating in Hungary consistent with the Act’s territorial provisions; the call and management are national (Hungary) and financed through the Digital Europe Programme and Hungarian State budget. The call is aligned with ECCC objectives and EU funding instruments.

Target sectors, technologies and TRL / project stage

Target sector:cybersecurity and ICT for SMEs across sectors designated in Annex 2 or 3 of the Hungarian Cybersecurity Act (these Annexes list sectoral scopes — see the Act for the exact sector codes and descriptions). Thematic focus: cybersecurity infrastructure, services and processes, including endpoint security, network and perimeter protection, monitoring, SIEM, DLP, IAM, MFA, encryption, backup/recovery, MDM, anti‑DDoS, GRC, anti‑spam, secure replacement of obsolete systems, testing, SOC services, training and consulting, and systems integration. Project stage: implementation / deployment and operational capability upgrades. This call supports acquisition, deployment, integration and service procurement — projects are expected at development to demonstration and operational deployment maturity rather than early‑stage research or pure R&D.

Application process and evaluation

Application type:open competitive call with a single submission stage for applicants; applications are submitted electronically via the EPTK system on palyazat.gov.hu. The evaluation procedure: continuous eligibility checks and rolling submission into content evaluation. Applications will be evaluated in stages and funding decisions are taken in the order of scores achieved within each phase. Applicants are advised to monitor announcements and system messages during application completion (notifications about budget monitoring are sent only to businesses that begin completing their application).

1. 1Submission method: online via EPTK / palyazat.gov.hu — register and submit using Single sign-on Interface Login.
2. 2Evaluation: continuous eligibility checks, ongoing content evaluation; decisions in order of evaluation scores per phase.
3. 3Deadline: single-stage closing 2026-05-28 23:59 CEST.

Stages, timing and success rate expectations

Application stages:administratively this is single-stage submission with multi-step processing: 1) online submission and initial eligibility checks, 2) content (technical) evaluation, 3) ranking and funding decisions by score within each evaluation phase, 4) grant award and contract / payment processing. The portal metadata and call text refer to staged evaluation and score‑based decisions within phases. Exact number of selection stages and timelines for each stage beyond submission dates are defined in the full call documents available from NCC-HU and palyazat.gov.hu. Success rates: not provided in the scraped content. Success probability depends on quality of application and available call budget; applicants should treat success as competitive and prepare to demonstrate strong technical need, compliance with the Cybersecurity Act sector eligibility, robust procurement plans and value for money.

Co‑funding / State aid and other financial rules

The call treats financing as State aid within Article 107(1) TFEU. The call text references implementation under the General de minimis aid regime (Commission Regulation 2023/2832). The scraped content does not provide a mandatory co‑funding percentage; the call documents and General Terms and Conditions (GTC) and Accounting Guide must be consulted to confirm co‑financing or own contribution requirements. Applicants should expect that typical public support rules (eligibility of costs, allowable overheads, documentation and audit trail) apply and that some form of co‑financing or retention of own funds may be required depending on the specific project and sector rules — check the call’s detailed rules and the NCC-HU Accounting Guide for exact co‑funding conditions and eligible cost categories.

Application templates and required documentation

The NCC-HU portal provides a set of templates and guidance documents referenced in the call web pages and documents list. The metadata shows the exact downloadable templates and guidance items available on the NCC-HU and palyazat.gov.hu pages. Key documents listed in the scraped content include: NCC-HU foundational charter, call template TO (ncc-hu-fstp-2026-to-sablon-260323.docx), guidance on e‑paper use, price quote template (ncc-hu-arajanlat-sablon-260323.docx), subcontractor conflict of interest declaration, supplier conflict of interest declaration, General Terms & Conditions (ASZF), and the NCC-HU accounting and payment guidance (elszamolasi-utmutato-11-260327.pdf). The call also provides a grant application form and annexes via the EPTK system; a dedicated EPTK user manual is available at help.fair.gov.hu. Applicants must: register on palyazat.gov.hu, complete the online application form and upload required annexes (financial statements proving three closed financial years; company registration, sector evidence demonstrating operation in Annex 2 or 3 sectors; price quotations, technical specifications, implementation plan, training or service contracts where applicable).

1. 1Mandatory financial history: at least three closed financial years with financial statements (each a full 365‑day period).
2. 2Sector evidence: demonstration that enterprise operates in sectors listed in Annex 2 or 3 of Hungarian Cybersecurity Act LXIX/2024.
3. 3Technical documentation: specifications of requested equipment/software, deployment/integration plan, procurement quotes (use call price quote template where indicated).
4. 4Service contracts or service descriptions for SOC, testing, training or consultancy with scope, duration and deliverables.
5. 5Administrative forms: GTC acceptance, accounting guide compliance statements, conflict of interest declarations for subcontractors and suppliers.

Evaluation, compliance and legal framework

Evaluation and award:applications are subject to continuous eligibility checks and content evaluation on an ongoing basis; eligible applications enter content evaluation and are scored; funding decisions are taken in order of achieved scores within each evaluation phase. The managing documents for the call include: the call for proposals, Government Decree No. 474/2025 on NCC activities, General Terms and Conditions, NCC-HU Accounting Guide, grant application form and annexes. The call documents may set stricter requirements than general accounting guidance; in case of discrepancy the call for proposals prevails. Rules on State aid conformity are referenced and de minimis rules apply. Applicants must follow public procurement and documentation rules when procuring goods or services with grant proceeds; NCC-HU will carry out procurement and eligibility checks and may perform post‑award audits and on‑site inspections. The Hungarian Cybersecurity Act (Act LXIX of 2024) provisions govern sector and operational obligations for beneficiaries and are referenced extensively in accompanying law.

Contact points and help

Primary contact for the call:NCC-HU customer service at ncc-ih@nbsz.gov.hu. Application portal guidance and user manual for the EPTK electronic submission interface are available at help.fair.gov.hu. Call downloads and supporting templates are published on NCC-HU official website and palyazat.gov.hu; applicants should monitor these portals for updates and amendments.

Quick classification answers (structured)

1. 1Eligible Applicant Types: Micro, small and medium-sized enterprises (SMEs) only; must have at least three closed financial years and operate in sectors listed in Annex 2 or 3 of Hungary’s Cybersecurity Act. No other applicant types are shown as eligible in the call excerpt.
2. 2Funding Type: Grant (non‑repayable financial support administered by NCC-HU under Digital Europe Programme and Hungarian State budget).
3. 3Consortium Requirement: Single applicant (individual SME). The call is aimed at individual SMEs rather than multi‑partner consortia.
4. 4Beneficiary Scope (Geographic Eligibility): Nationally managed by NCC-HU (Hungary). The call text states SMEs may submit "without territorial restrictions" but sectoral eligibility is defined by Hungarian Cybersecurity Act; applicants should check nationality/establishment rules in the full call documents.
5. 5Target Sector: Cybersecurity and ICT solutions for SMEs (endpoint protection, EDR/XDR, firewall/WAF, IDS/IPS/NDR, Anti‑DDoS, backup/recovery, log management and SIEM, MDM, IAM, MFA, DLP, encryption, GRC, anti‑spam, replacement of unsupported hardware/software; plus cybersecurity testing, SOC, training, subscriptions, systems integration and advisory services).
6. 6Mentioned Countries: Hungary explicitly (NCC-HU and Hungarian legal references). The call is part of EU Digital Europe funding but is implemented nationally by Hungary; the ECCC framework (EU) is referenced. Therefore explicit country: Hungary; region: EU programme alignment.
7. 7Project Stage: Deployment / implementation / operational enhancement (acquisition, integration, testing, training) — practical deployment rather than early research. Relevant TRL: operational / demonstration / rollout stages.
8. 8Funding Amount: Call metadata shows Budget: 2 000 000 (EUR). No per‑project award maxima published in scraped excerpt — consult full call documents for per‑project caps, typical award ranges and co‑financing rates ¹.
9. 9Application Type: Competitive open call with defined submission period via online portal (single‑stage submission); continuous eligibility screening and phased content evaluation conducted by NCC-HU.
10. 10Nature of Support: Monetary grants (financial support). The program finances equipment, software, and procurement of services. Support is classified as State aid and may be subject to de minimis rules.
11. 11Application Stages: Administrative eligibility check then content evaluation; overall a single submission with multi-step evaluation (effectively 2 main review stages: eligibility and content scoring, followed by ranking and award decision). The managing rules include rights to documentation updates, quality assurance and staged award decisions.
12. 12Success Rates: Not specified in the scraped content. The call is competitive; success depends on scoring and available budget (€2M indicated). Applicants should assume low to moderate success probability depending on request size and competition.
13. 13Co‑funding Requirement: Not explicitly stated in the scraped excerpt. Financing is State aid and de minimis rules are referenced; applicants must consult the call text, Accounting Guide and General Terms and Conditions for specific co‑financing percentages or minimum own contribution requirements. The call may impose co‑funding or require eligible cost coverage rules.

Practical next steps for applicants

1. 1Read the full call documentation and annexes on the NCC-HU website and palyazat.gov.hu; download templates (price quote template, application form template, accounting guide, GTC).
2. 2Verify eligibility: confirm your SME classification, three closed financial years with audited or signed financial statements, and that your business activity is listed in Annex 2 or 3 of Act LXIX/2024. If unclear, consult the Act and NCC-HU guidance.
3. 3Prepare technical and procurement documentation: detailed technical specification for equipment/software/services; three supplier quotes aligned to the call price quote template; an integration and implementation plan; timelines and milestones (mérföldkövek).
4. 4Register and complete submission early in the EPTK system at palyazat.gov.hu. Use the EPTK user manuals linked on NCC-HU pages and the Help fair site. Monitor system messages and budget notifications while completing your application.
5. 5Ensure compliance with State aid rules: collect supporting evidence for de minimis calculations and any co‑funding. Prepare accounting and procurement documentation consistent with the NCC-HU Accounting Guide and Government Decree No. 474/2025.
6. 6If in doubt, contact NCC-HU customer service at ncc-ih@nbsz.gov.hu well before the deadline to clarify eligibility, required documentation and procedural questions.

Summary — what is this opportunity about?

This NCC-HU call (SSNS-NCC-HU-FSTP-2026) is a nationally managed, EU‑aligned funding opportunity under the Digital Europe Programme and Hungarian State budget designed to raise the cyber resilience of domestic SMEs. It targets proven SMEs (minimum three full financial years) that operate in sectors defined in Hungary’s Cybersecurity Act and supports procurement of cybersecurity hardware, software, intangible assets and professional services to improve detection, prevention, recovery and governance capabilities. Eligible activities include endpoint and perimeter protection, EDR/XDR, SIEM, IDS/IPS/NDR, Anti‑DDoS, backup and recovery, log management and analysis, IAM, MFA, DLP, encryption, MDM and replacement of unsupported components, plus testing, SOC, training, subscriptions, integration and consultancy. The call is competitive, submitted via the Hungarian e‑application system between 08 April and 28 May 2026, evaluated in phases by NCC-HU with funding decisions based on scores. Financing is provided as grants, treated as State aid and subject to de minimis and Hungarian legal provisions; applicants must follow the detailed rules and accounting guidance in the call documentation. The portal metadata shows an indicative budget of €2 000 000 for the call; specific award amounts, co‑funding and precise eligibility boundaries must be confirmed by consulting the full call text, templates and the NCC-HU Accounting Guide available on palyazat.gov.hu and NCC-HU web pages ¹.

Footnotes

1. 1Full call documents, templates and the official call text are available for download from the NCC-HU website and the Hungarian portal palyazat.gov.hu; the original call listing on the EU Funding & Tenders Portal is: Deploying The Network of National Coordination Centres with Member States (DIGITAL-ECCC-2024-DEPLOY-NCC-06) — portal reference 46786367/13882. For e‑submission the EPTK system help manual is at help.fair.gov.hu and NCC-HU call documents at palyazat.gov.hu (search SSNS-NCC-HU-FSTP-2026).

Funding Opportunity Overview

This is a Hungarian national cybersecurity funding call managed by the National Coordination Centre (NCC-HU) under the Digital Europe Programme. The call aims to enhance cybersecurity resilience and risk management capabilities of the domestic SME sector in Hungary, contributing to the objectives of the European Cybersecurity Industrial, Technology and Research Competence Centre (ECCC). The funding is provided through a combination of Digital Europe Programme resources and the Hungarian State budget.

Call Reference and Identifier:SSNS-NCC-HU-FSTP-2026 (also referenced as DIGITAL-ECCC)

Key Dates and Deadlines

Applications must be submitted electronically via the online application system at palyazat.gov.hu using the Single Sign-On Interface Login button to access the e-Government (EPTK) system. A user manual for the system is available at help.fair.gov.hu. ¹

Funding Amount and Budget

Total Budget:€2,000,000 (approximately HUF 700-€750 milliondepending on exchange rates)

Funding Rate:50% co-financing. This means applicants must provide matching funds equal to 50% of the project cost. The grant covers up to 50% of eligible project costs, with the remaining 50% to be funded by the applicant.

The call operates on a continuous evaluation basis with funding decisions made in order of scores achieved within each phase. Budget monitoring is ongoing, and applicants are advised to monitor system announcements regularly.

Who Can Apply

Eligible Applicants

Micro, small and medium-sized enterprises (SMEs) may submit grant applications for this call if they meet the following criteria:

• Have at least three closed financial years, each supported by financial statements covering a full 365-day period of operation (pre-company status does not qualify)
• Operate in sectors listed in Annexes 2 or 3 of the Hungarian Cybersecurity Act (2024. évi LXIX. törvény)
• Are single legal entities
• Are legally incorporated in an eligible country (EU member states or EEA countries)
• Comply with all relevant legal and ethical requirements
• Ensure that the proposed project is not subject to double funding

Only one proposal per organisation is permitted. Applicants must not fall into any exclusion criteria as defined in the call documentation.

Eligible Sectors

Eligible applicants must operate in sectors specified in Annexes 2 or 3 of Act LXIX of 2024 on Cyber Security in Hungary. These annexes define the sectors subject to cybersecurity obligations under Hungarian law, which generally include critical infrastructure sectors and essential service providers.

Eligible Activities and Costs

Category 1: Acquisition of Equipment and Intangible Assets

Projects may include acquisition of new equipment and intangible assets that result in enhancement of cyber resilience. Eligible solutions include:

• Centralised endpoint protection solutions (traditional antivirus)
• Advanced endpoint protection and incident detection solutions (EDR/XDR)
• Perimeter protection solutions (firewall, Web Application Firewall, proxy, VPN gateway)
• Network traffic monitoring and intrusion detection solutions (WAF, IDS/IPS, NDR)
• Solutions against denial-of-service attacks (Anti-DDoS)
• Data backup and recovery solutions (backup/restore)
• Centralised log collection solutions (log management)
• Advanced log analysis solutions
• Security information and event management solutions (SIEM)
• Mobile device management solutions (MDM)
• Multi-factor authentication solutions (MFA)
• Identity and access management solutions (IAM)
• Data loss prevention solutions (DLP)
• Anti-spam and email security solutions
• Governance, risk and compliance management solutions (GRC)
• Encryption and key management solutions
• Replacement of hardware or software components no longer supported by security updates (obsolete hardware/software)

Category 2: Procurement of Services

Projects may include procurement of services related to enhancement of cyber resilience:

• Cybersecurity testing and assessment services (vulnerability testing)
• Cybersecurity Operations Centre (SOC) services
• Cybersecurity-related training activities
• Subscriptions to cybersecurity training platforms
• Integration of hardware and software tools (system design, implementation, configuration, testing and documentation)
• Cybersecurity-related consulting and professional advisory services

Detailed information on eligible costs and any restrictions is contained in the full call documentation.

Application Process

How to Submit

Applications must be completed and submitted using the online application form available at palyazat.gov.hu. Applicants must log in via the Single Sign-On Interface Login button to access the e-Government (EPTK) system. The submission period runs from 9:00 CEST on 8 April 2026 to 23:59 CEST on 28 May 2026.

Evaluation Process

The managing authority (NCC-HU) will continuously check the eligibility of applications received in each phase according to the eligibility criteria specified in the call. Eligible applications will be submitted for content evaluation on an ongoing basis. Grant decisions will be made in each phase in order of the scores achieved during the evaluation. ²

Project Duration and Implementation

The call documentation does not specify a fixed project duration. Project timelines should be detailed in individual applications based on the scope and nature of the cybersecurity enhancement activities proposed. Applicants should ensure that project implementation timelines are realistic and clearly documented in their proposals.

Compliance and Regulatory Framework

This call is implemented under the Digital Europe Programme and is subject to EU competition law. The financing of activities eligible under this call is considered State aid within the meaning of Article 107(1) of the Treaty on the Functioning of the European Union (TFEU) and is implemented in compliance with EU competition law under the General de minimis aid category (EU Commission Regulation 2023/2832).

The detailed rules governing NCC-HU's management and use of funds are set out in Government Decree No. 474/2025 (XII. 30.) on the detailed rules for the activities of the National Coordination Centre. Applicants must comply with all conditions specified in the following documents:

• The call for proposals
• Government Decree No. 474/2025 (XII. 30.)
• General Terms and Conditions (GTC)
• NCC-HU Accounting Guide
• Grant application form and its annexes

In case of any discrepancy between the provisions of the call for proposals and the general provisions of the Accounting Guide, the provisions of the call for proposals shall prevail. The managing authority reserves the right to amend these documents, and applicants are requested to regularly monitor the official website of NCC-HU and palyazat.gov.hu for updates.

Supporting Documentation and Resources

The following documents are available on the palyazat.gov.hu website to support applicants:

• Call for proposals full text
• Application form template
• Accounting guide
• User manual for the EPTK system
• Charter of Fundamental Rights
• Terms of Reference template
• Quotation template
• Subcontractor incompatibility declaration
• Supplier incompatibility declaration
• Guide for e-paper usage

An online information session was held on 16 April 2026 to provide interested parties with comprehensive information about the application opportunity and the process of submitting grant applications. The session was conducted via Microsoft Teams and required prior registration at ncc-hu@ncc.gov.hu.

Contact Information and Support

For questions or comments regarding the call for proposals, applicants should contact the NCC-HU customer service at ncc-ih@nbsz.gov.hu. The managing authority is the National Coordination Centre (NCC-HU), which operates under the framework of the Digital Europe Programme and the Hungarian State budget.

Additional information about the call and related documentation can be found on the official website of NCC-HU at ncc.gov.hu and on the Hungarian government funding portal at palyazat.gov.hu.

Strategic Context and Objectives

This funding call is part of Hungary's broader commitment to strengthening cybersecurity resilience across the SME sector. It responds to the requirements of the NIS2 Directive (Network and Information Security Directive 2), which has expanded cybersecurity compliance obligations to many SMEs with over 50 employees or annual turnover exceeding €10 million. The call also supports compliance with the Cyber Resilience Act (CRA), which establishes harmonized cybersecurity requirements for products containing digital elements placed on the EU market. ³

By providing financial support for cybersecurity improvements, this call aims to make cybersecurity more accessible and affordable for SMEs that may lack the necessary budget or expertise to implement required security measures independently. The funding supports the development of a resilient and secure digital ecosystem across Hungary and contributes to the EU's strategic autonomy in cybersecurity.

Important Considerations for Applicants

• Applicants must ensure they meet all eligibility criteria, particularly the requirement of at least three closed financial years and operation in eligible sectors
• The 50% co-financing requirement means applicants must secure matching funds from their own resources or other sources
• Applications are evaluated continuously, so early submission may be advantageous as funding is allocated in order of scores achieved
• Projects must clearly demonstrate how the proposed cybersecurity enhancements will improve the organisation's cyber resilience and compliance with relevant regulations
• All project costs must be eligible and properly documented; applicants should review the Accounting Guide carefully
• The application system requires electronic submission; applicants should ensure they have access to the EPTK system and understand how to use it
• Applicants should monitor the palyazat.gov.hu website regularly for any updates or amendments to the call documentation
• Only one proposal per organisation is permitted, so applicants should carefully plan their project scope

Footnotes

1. 1The EPTK system is the Hungarian e-Government application platform. A comprehensive user manual is available at help.fair.gov.hu to assist applicants with system navigation and application submission.
2. 2The continuous evaluation approach means that applications are assessed as they are received, and funding decisions are made based on the quality scores achieved. Applicants are advised to monitor system announcements and notifications, which are sent to organisations that have begun completing their grant applications.
3. 3The NIS2 Directive requires organisations with over 50 employees or annual turnover exceeding €10 million to implement cybersecurity risk management plans, multi-factor authentication, data encryption, continuous network monitoring, and incident reporting within 24 hours. Non-compliance can result in fines up to €10 million or 2% of global turnover. The Cyber Resilience Act, applicable from 2027, establishes mandatory cybersecurity requirements for manufacturers, importers, and software managers throughout a product's lifecycle.