Between the Deployment Actions in the area of Cybersecurity (DIGITAL-ECCC-2024-DEPLOY-CYBER-06) we found this call to Strengthen Cybersecurity capacities of European SMEs in line with CRA requirements and obligations.
Call for Proposal Grant.
Programme: Digital Europe Programme (DIGITAL).
Status: Open for submission.
Expected Outcome:
Deliverables:
-
Financial support for SMEs and other stakeholders for CRA compliance.
-
Openly available platform with CRA-related resources (such as guidelines and supporting documents), providing supporting community building and upskilling
-
Workshops, events, networking and exchange of experience of stakeholders
-
Contributions to CRA standardisation
Objective:
The objective of this topic is to support European SMEs, with a focus on micro and small enterprises, to strengthen their cybersecurity capacities and to support the implementation of the proposed Regulation on the Cyber Resilience Act (CRA).
Scope:
In synergy with other actions launched under this WP which will be developing compliance tools for the CRA, the action should distribute cascade financing grants to European SMEs, with a focus on micro and small enterprises, though remaining open to other stakeholders, to support achieving compliance with requirements and obligations stemming from the CRA.
Applicants are encouraged to identify categories of cascade financing recipients, including at least the following:
-
Manufacturers of products with digital components, including software developers.
-
Providers of tools and solutions that facilitate compliance with CRA obligations.
-
Other well-justified categories in line with CRA (e.g., distributors, importers, open-source community).
For each identified stakeholder category, a dedicated set of activities should be devised taking into consideration the specific needs of target consumers, business users, and other relevant stakeholders.
The proposed project should include actions addressing the following:
-
Awareness raising, dissemination and other stakeholder engagement actions with the focus on the cascade financing to European SMEs, with a focus on micro and small enterprises.
-
Managing an open call process to distribute cascade funding, including impartial evaluation of proposals and monitoring the implementation of grants.
-
Establish an openly available platform providing links to CRA-related resources that the proposed project itself would collect or develop or which would be available from external sources and supporting community building and upskilling. This includes for example a dedicated central repository website to allow easy finding of internal and external resources, step-by-step guidelines, compliance tools, training materials, free and open-source code implementations, and other relevant resources to achieve CRA compliance. This should include, amongst others, tools procured for this purpose under this work programme.
-
In close coordination with the EU Cybersecurity Skills Academy, perform trainings and upskilling of stakeholders to achieve CRA compliance, i.e. organise workshops, training sessions, and events, draft guidelines, supporting actions to facilitate interaction among European SMEs, including drafting reports or other material discussing the implementation of CRA compliance requirements and promoting awareness, including by contributing to relevant deliverables of standardisation bodies e.g. through a sectoral perspective and informed by the needs of companies on the ground.
-
Facilitate and share CRA compliance best-practices and use-cases.
-
Contribute to standardisation efforts, as appropriate, considering the activities of European and international standardisation that are directly relevant to the CRA implementation.
Third parties receiving grants should, in particular:
-
Engage in testing, detecting and addressing vulnerabilities, producing documentation, carrying out conformity assessment and implementing other measures necessary to comply with the CRA.
-
Participate in workshops, training sessions, and events that facilitate interaction among European SMEs, with a focus on micro and small enterprises, to discuss and implement CRA compliance.
-
Contribute to the proposed project’s efforts in collecting the needs and perspectives of SMEs towards CRA-related standardisation deliverables.