Generative AI for Cybersecurity applications

The Horizon Europe grant opportunity titled "Generative AI for Cybersecurity applications" focuses on enhancing cybersecurity using AI-driven innovation, specifically through generative AI technologies. It is under Cluster 3, which deals with "Civil Security for Society." The aim is to develop new technologies, tools, and processes that can strengthen cybersecurity while ensuring compliance with relevant EU policies and legal standards.

Eligible applicants for this grant include universities, research institutes, small and medium-sized enterprises (SMEs), large enterprises, and public-private partnerships. The projects are expected to involve multidisciplinary teams that include researchers, industry partners, and security practitioners, such as those from law enforcement and cybersecurity fields.

The funding type for this initiative is characterized as a grant, specifically classified under the Horizon Europe Research and Innovation Actions (RIA). The consortium requirement dictates that proposals must include various stakeholders, emphasizing collaboration among diverse entities to address cybersecurity challenges.

Geographically, eligibility is limited to legal entities established in EU member states and associated countries. Non-EU entities may have specific provisions for participation but are generally excluded.

The target sectors encompass cybersecurity, artificial intelligence—particularly generative AI—and related information and communication technologies (ICT). Projects should align with the EU's commitment to digital security and technological sovereignty.

Funding amounts are estimated to vary based on specific topics, with ranges typically falling between 2 million to 14 million euros. The call is structured as a single-stage application process, with submissions due by November 12, 2025.

The nature of support is strictly monetary, aimed at funding research and innovation projects. The application process involves submitting comprehensive proposals, as applicants do not have to face multiple stages.

While success rates for such grants typically hover between 10 to 39%, the specifics for this call remain unspecified. Co-funding is a likely requirement, especially from industry partners, although details may vary as per the specific call conditions.

In summary, this funding opportunity aims to catalyze innovative projects that apply generative AI to improve cybersecurity. It seeks to create advanced solutions for current digital threats and enhance compliance with evolving cybersecurity regulations, reflecting the EU's emphasis on bolstering cybersecurity infrastructure. Proposals should demonstrate practical relevance and applicability, showcasing how they can bridge research and real-world deployment. The funding supports projects that not only advance technology but also consider legal and ethical implications.

Proper documentation and intellectual property considerations are key aspects applicants should address in their proposals. Overall, it presents a significant opportunity for entities involved in AI and cybersecurity to contribute to meaningful advancements in the field.

This is a Horizon Europe (HORIZON) call for proposals, specifically an Indirectly Managed Action by the ECCC (European Cybersecurity Competence Centre), with the call identifier HORIZON-CL3-2025-01-IM-01. The call focuses on Generative AI for Cybersecurity applications. The type of action is HORIZON-RIA (Research and Innovation Actions), utilizing a HORIZON Action Grant Budget-Based [HORIZON-AG] Model Grant Agreement (MGA). It is a forthcoming call with a single-stage deadline model. The planned opening date is 12 June 2025, and the deadline for submission is 12 November 2025 at 17:00:00 Brussels time.

The expected outcome of projects funded under this call is the development of technologies, tools, and processes that reinforce cybersecurity using AI technological components, particularly Generative AI, in line with relevant EU policy, legal, and ethical requirements. Proposals should address at least one of the following specific expected outcomes:

Developing, training, and testing of Generative AI models for monitoring, detection, response, and self-healing capabilities in digital processes and systems against cyberattacks, including adversarial AI attacks.

Development of Generative AI tools and technologies for continuous monitoring, compliance, and automated remediation, considering legal aspects of EU and national regulation, as well as ethical and privacy aspects.

The scope of the call emphasizes the increasing importance of Artificial Intelligence in applications involving massive data and the need for deeper analysis and research to understand its implications for cybersecurity. Generative AI presents both opportunities and challenges in this field. The call supports research on new opportunities brought by Generative AI for Cybersecurity applications, focusing on developing, training, and testing AI models to:

Scale up detection of threats and vulnerabilities.

Enhance response time.

Cope with large quantities of data.

Automate process and decision-making support.

Examples of applications include:

Generating reports from threat intelligence data.

Suggesting and writing detection rules.

Threat hunts.

Queries for Security Information and Event Management (SIEM).

Creating management, audit, and compliance reports.

Reverse engineering malware.

Proposals can address one of two expected outcomes, a) or b).

Proposals addressing expected outcome a) should focus on:

(a) (i) Advanced threat and anomaly detection and analysis: Developing, training, and testing Generative AI models to analyze large data volumes and accurately identify anomalies and deviations from normal behavior patterns, enabling more effective threat detection, analysis, and response. Tools should also support cybersecurity professionals in detecting and responding to threats posed by generative AI.

(a) (ii) Adaptive security measures: Supporting cybersecurity tools to adapt and respond to emerging threats in real-time, improving overall security posture, through the development, training, finetuning, and testing of Generative AI models. This addresses the limitations of static rules and signatures in current tools and the time-consuming nature of manual intervention.

(a) (iii) Enhanced authentication and access control: Improving the resilience of authentication and access control systems to unauthorized access and credential theft using AI technologies.

Proposals addressing expected outcome b) should focus on:

(b) (i) Development of tools powered by Generative AI that analyze and facilitate the application of national and EU regulation in digital systems, in particular the Artificial Intelligence Act, the Directive on measures for a high common level of cybersecurity across the Union (NIS2), and the Cyber Resilience Act.

(b) (ii) Adaptation to a dynamic environment: Addressing the challenges companies, public sector, and organizations face in keeping up with compliance towards cybersecurity rules due to the ever-changing environment. This includes developing tools powered with Generative AI to address the variety of rules applicable at sectorial, national, or European level, as well as change management and updates in ICT systems.

All proposals are expected to respect Trustworthy and Responsible AI principles and data privacy. They should demonstrate EU added value by fostering the development of EU technology, using open-source technologies when feasible, and exploiting available EU data (Data Spaces, EOSC, federated data etc.). Proposals should define Key Performance Indicators (KPIs) with baseline targets to measure progress and demonstrate significant advancement to the state-of-the-art. All technologies and tools developed should be appropriately documented to support take-up and replicability. Participation of SMEs is encouraged. Proposals are expected to pay special attention to the Intellectual Property dimension of the results, and the usability of outcomes will be closely assessed.

The general conditions for this call include:

Admissibility Conditions: Proposal page limit and layout as described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes and Part B of the Application Form.

Eligible Countries: As described in Annex B of the Work Programme General Annexes. Participation is limited to legal entities established in Member States and Associated Countries to safeguard the Union’s strategic assets, interests, autonomy, and security. Entities controlled by non-eligible countries are excluded.

Financial and operational capacity and exclusion: As described in Annex C of the Work Programme General Annexes.

Evaluation and award: Award criteria, scoring and thresholds are described in Annex D of the Work Programme General Annexes. To ensure a balanced portfolio, grants will be awarded to the two highest-ranked proposals addressing expected outcome a) and the highest-ranked proposal addressing expected outcome b), provided they meet all thresholds.

Submission and evaluation processes: As described in Annex F of the Work Programme General Annexes and the Online Manual.

Indicative timeline for evaluation and grant agreement: As described in Annex F of the Work Programme General Annexes.

Legal and financial set-up of the grants: As described in Annex G of the Work Programme General Annexes.

Specific conditions are described in the specific topic of the Work Programme.

Application and evaluation forms and model grant agreement (MGA) information:

Application form templates are available in the Submission System, including standard application forms for HE RIA, IA, CSA, RI, PCP, PPI, COFUND, FPA, MSCA DN, PF, SE, COFUND, ERC STG, COG, ADG, POC, SYG, EIC PATHFINDER CHALLENGES, OPEN, and TRANSITION.

Evaluation form templates will be used with necessary adaptations, including standard evaluation forms for HE RIA, IA, CSA, RIA/IA/CSA Stage 1, PCP/PPI, COFUND, FPA, MSCA, EIC PATHFINDER CHALLENGES/OPEN/TRANSITION, and EIC Accelerator stage 1 and 2.

Guidance documents include the HE Programme Guide, Model Grant Agreements (HE MGA, HE Unit MGA, Lump Sum MGA, Operating Grants MGA, Framework Partnership Agreement FPA), call-specific instructions, detailed budget table (HE LS), information on financial support to third parties (HE), information on clinical studies (HE), and guidance on lump sums.

Additional documents include the HE Main Work Programme 2023–2025 (General Introduction, Marie Skłodowska-Curie Actions, Research Infrastructures, Health, Culture/creativity/inclusive society, Civil Security for Society, Digital/Industry/Space, Climate/Energy/Mobility, Food/Bioeconomy/Natural Resources/Agriculture/Environment, European Innovation Ecosystems, Widening participation/strengthening ERA, Missions, and General Annexes), the HE Programme Guide, HE Framework Programme 2021/695, HE Specific Programme Decision 2021/764, EU Financial Regulation 2024/2509, decision authorizing lump sum contributions, rules for legal entity validation, and various guides and manuals.

The budget overview for the call in 2025 is as follows:

HORIZON-CL3-2025-02-CS-ECCC-01: HORIZON-RIA, 40,000,000 EUR, contributions of 12,000,000 to 14,000,000 EUR, 3 indicative grants.

HORIZON-CL3-2025-02-CS-ECCC-02: HORIZON-IA, 23,550,000 EUR, contributions of 4,500,000 to 6,000,000 EUR, 4 indicative grants.

HORIZON-CL3-2025-02-CS-ECCC-03: HORIZON-RIA, 11,000,000 EUR, contributions of 3,000,000 to 4,000,000 EUR, 3 indicative grants.

HORIZON-CL3-2025-02-CS-ECCC-04: HORIZON-RIA, 4,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 indicative grants.

HORIZON-CL3-2025-02-CS-ECCC-05: HORIZON-RIA, 6,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 indicative grants.

HORIZON-CL3-2025-02-CS-ECCC-06: HORIZON-RIA, 6,000,000 EUR, contributions of 2,000,000 to 3,000,000 EUR, 2 indicative grants.

There are 18 partner search announcements available. The submission system is planned to open on the date stated on the topic header.

This Horizon Europe call aims to bolster cybersecurity by leveraging the capabilities of Generative AI. It seeks to fund projects that develop innovative technologies, tools, and processes to enhance threat detection, improve response times, and automate compliance with cybersecurity regulations. The call encourages participation from SMEs and emphasizes the importance of responsible AI development, data privacy, and the creation of EU-centric technologies. By addressing the opportunities and challenges presented by Generative AI, this initiative aims to strengthen the EU's cybersecurity posture and promote a secure digital environment for its citizens and businesses. The call is structured to ensure a balanced portfolio of projects, with specific attention given to proposals addressing advanced threat detection and those focusing on regulatory compliance.

Eligible Applicant Types: The eligible applicant types are legal entities established in Member States and Associated Countries. Participation is limited to these entities to safeguard the Union's strategic assets, interests, autonomy, and security. SMEs are encouraged to participate. Entities established in eligible countries but directly or indirectly controlled by a non-eligible country or entity are not allowed to participate.

Funding Type: The primary financial mechanism is a grant, specifically HORIZON Research and Innovation Actions (HORIZON-RIA) and HORIZON Innovation Actions (HORIZON-IA) under the Horizon Europe program. The type of Model Grant Agreement (MGA) is a HORIZON Action Grant Budget-Based [HORIZON-AG].

Consortium Requirement: The opportunity appears to allow for both single applicants and consortia. The encouragement of SME participation and the partner search announcements suggest that consortia are welcome, but the eligibility criteria focus on legal entities, implying that a single entity could apply.

Beneficiary Scope (Geographic Eligibility): The geographic eligibility is limited to legal entities established in EU Member States and Associated Countries. Non-EU/non-Associated Countries may have specific provisions for funding their participants, as detailed in the Horizon Europe Programme Guide.

Target Sector: The program targets the cybersecurity sector, specifically focusing on the application of Artificial Intelligence (AI) and Generative AI to enhance cybersecurity technologies, tools, and processes. It also addresses the legal and ethical aspects of AI in digital systems, including compliance with the Artificial Intelligence Act, the Directive on measures for a high common level of cybersecurity across the Union (NIS2), and the Cyber Resilience Act.

Mentioned Countries: The opportunity explicitly mentions EU Member States and Associated Countries as the primary geographic focus for eligible applicants. It also refers to non-EU/non-Associated Countries that may have specific funding provisions, without naming them individually.

Project Stage: The expected maturity of the project varies depending on the type of action. HORIZON-RIA (Research and Innovation Actions) suggests projects in the research, development, and validation stages, while HORIZON-IA (Innovation Actions) implies projects in the demonstration, commercialization, and scale-up stages. The call aims to develop and test AI models, develop tools, and enhance existing cybersecurity measures, indicating a focus on both development and validation.

Funding Amount: The funding range varies depending on the specific topic within the call:
HORIZON-CL3-2025-02-CS-ECCC-01: EUR 12,000,000 to EUR 14,000,000
HORIZON-CL3-2025-02-CS-ECCC-02: EUR 4,500,000 to EUR 6,000,000
HORIZON-CL3-2025-02-CS-ECCC-03: EUR 3,000,000 to EUR 4,000,000
HORIZON-CL3-2025-02-CS-ECCC-04: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-05: EUR 2,000,000 to EUR 3,000,000
HORIZON-CL3-2025-02-CS-ECCC-06: EUR 2,000,000 to EUR 3,000,000

Application Type: The application type is an open call with a single-stage submission process.

Nature of Support: Beneficiaries will receive money in the form of grants to fund their research and innovation projects.

Application Stages: The application process is single-stage, meaning applicants submit a full proposal at once.

Success Rates: The success rates are not explicitly mentioned, but the indicative number of grants for each topic provides some insight. For example, HORIZON-CL3-2025-02-CS-ECCC-01 aims to award 3 grants, while others aim for 2-4 grants. The actual success rate will depend on the number and quality of applications received.

Co-funding Requirement: The need for co-funding is not explicitly stated. Horizon Europe typically funds a significant portion of project costs, but applicants should consult the specific call conditions and the Horizon Europe Programme Guide for detailed information on eligible costs and funding rates.

This Horizon Europe call focuses on leveraging Generative AI to bolster cybersecurity across the EU. It seeks projects that develop innovative technologies, tools, and processes, ensuring they align with EU policies, laws, and ethical standards. The call is structured around two primary expected outcomes: enhancing cybersecurity through AI-driven monitoring, detection, and response, and creating AI tools for continuous compliance and automated remediation, considering legal and ethical dimensions.

The scope encompasses a wide array of applications, from advanced threat detection and adaptive security measures to enhanced authentication and regulatory compliance tools. Projects should demonstrate EU added value by promoting EU technology, open-source solutions, and the use of EU data resources. Participation from SMEs is encouraged, and proposals should prioritize intellectual property considerations and the practical usability of project outcomes.

Eligible applicants are legal entities from EU Member States and Associated Countries, with specific attention to ensuring that entities are not controlled by non-eligible countries. The funding is provided through HORIZON-RIA and HORIZON-IA grants, with budgets ranging from 2 million to 14 million EUR depending on the specific topic. The application process is single-stage, with a deadline in November 2025. This call represents a significant opportunity for organizations to contribute to the cutting-edge of AI-enhanced cybersecurity, addressing both technological advancements and regulatory compliance in the digital landscape.