Grant Details

https://www.vlaio.be/nl/subsidies-financiering/subsidiedatabank/cybersecurity-subsidies

1. General Overview

Grant Name and Funding Organization

Cybersecurity subsidies provided by VLAIO (Flemish Agency for Innovation and Entrepreneurship).

Total Funding Amount and Duration

Funding amount varies per instrument: Cybersecurity verbetertrajecten (€8,500 to €35,000), Kmo-portefeuille (max €7,500/year), Innovatiesteun (minimum €25,000 for development projects, €100,000 for research projects).

Recurring grant with ongoing application opportunities.

Primary Objective and Mission Statement

To sustainably improve cybersecurity resilience of Flemish enterprises.

Support enterprises in investing in cybersecurity to mitigate hacking risks.

Key Stakeholders and Beneficiaries

Flemish enterprises including SMEs, maatwerkbedrijven (customized employment companies), non-SMEs under NIS2 directive, and innovative startups.

External recognized cybersecurity service providers.

Grant Program Context and History

Part of broader governmental efforts to enhance cybersecurity amid increased digitalization.

Includes multiple instruments addressing different stages and needs.

Funding Source and Type

Regional government funding via VLAIO.

Some subsidies fall under European de-minimis state aid regulation.

Significance within Funding Landscape

Important support for cybersecurity improvements in Flemish enterprises.

Complemented by European programs like Digital Europe and Horizon Europe.

Grant Frequency

Recurring with continuous application windows.

2. Organizational Aspects

Eligible Organization Types

SMEs (kmo's), maatwerkbedrijven (including vzw's with economic activity), non-SMEs under NIS2 directive.

Innovative startups younger than two years for ISS.

Enterprises active in the Flemish region.

Specific Qualifications and Certifications Needed

For Cybersecurity verbetertrajecten, must use recognized service providers selected under the Flemish government framework contract.

Organizational Size and Capacity Requirements

SMEs and maatwerkbedrijven eligible for higher subsidy rates.

Non-SMEs under NIS2 directive eligible for lower subsidy rate.

Geographic Location Requirements

Enterprises must be located in the Flemish region of Belgium.

Track Record and Experience Requirements

Not explicitly specified.

Partnership or Consortium Requirements

Not specified; individual enterprises can apply.

Organizational Structure Preferences

Includes SMEs, maatwerkbedrijven, vzw's with economic activity.

Inclusivity and Diversity Considerations

No explicit mention.

Previous Relationship with Funder Considerations

Not specified.

Organizational Maturity Requirements

Innovative Starterssteun targets startups younger than two years.

3. Scope and Focus

Primary Focus Areas and Priorities

Improving cybersecurity resilience and maturity.

Supporting digitalization and cybersecurity-related innovation.

Target Sectors and Themes

All sectors with digitalization and cybersecurity needs.

Includes enterprises with business-critical IT architecture, software, IoT systems.

Target Beneficiaries and Stakeholders

Flemish enterprises, SMEs, maatwerkbedrijven, startups, and non-SMEs under NIS2.

Geographic Coverage Requirements

Flemish region of Belgium.

Scope Limitations and Exclusions

Cybersecurity verbetertrajecten subsidize only when using recognized service providers.

Kmo-portefeuille excludes vzw's.

Innovatiesteun requires economic activity.

Expected Outcomes and Deliverables

Cybersecurity improvement plans and implementation support.

Training and advisory services uptake.

Research and development outputs including prototypes and demonstrators.

Alignment Requirements with Funder Priorities

Alignment with cybersecurity improvement and digital innovation priorities.

Compliance with NIS2 directive for certain enterprises.

Impact Expectations

Enhanced cybersecurity maturity and resilience.

Innovation and market leadership for startups.

Long-term enterprise transformation.

Project Scale Requirements

From initial analysis (START package) to full implementation (PLUS package) in Cybersecurity verbetertrajecten.

Research and development projects with minimum funding thresholds.

Sustainability Expectations

Sustainable improvement of cybersecurity posture.

4. Technical Details

Technical Expertise Requirements

Use of recognized cybersecurity service providers for improvement trajectories.

Infrastructure Requirements

Not specified.

Team Composition and Qualification Requirements

Not specified.

Research Methodology Requirements

For research projects, systematic knowledge building and innovation activities.

Quality Standards and Expectations

Service providers must be selected under Flemish government framework.

Technical Documentation Requirements

Not specified.

Risk Management Expectations

Not specified.

Intellectual Property Policies

Not specified.

Technology Specifications

Not specified.

Technical Partnerships Expectations

Not specified.

Security and Data Protection Requirements

Implicit in cybersecurity focus.

Technical Compliance Standards

Compliance with NIS2 directive for applicable enterprises.

5. Financial Structure

Budget Range and Limitations

Cybersecurity verbetertrajecten: €8,500 to €35,000 (excl. VAT).

Kmo-portefeuille: max €7,500 per year.

Innovatiesteun: minimum €25,000 for development projects, minimum €100,000 for research projects, max €3 million.

Innovatieve starterssteun: €50,000 subsidy.

Eligible and Ineligible Costs

Costs related to external cybersecurity consultancy, training, advice, research and development activities.

Matching Fund Requirements and Percentages

Cybersecurity verbetertrajecten: 50% subsidy for SMEs and maatwerkbedrijven, 35% for non-SMEs under NIS2.

Kmo-portefeuille: 45% subsidy for small enterprises on cybersecurity topics, 35% for medium-sized enterprises.

Innovatiesteun: 25% to 60% subsidy depending on project type.

Co-financing Requirements

Applicants must cover remaining costs not subsidized.

Payment Schedule and Mechanisms

Not specified.

Financial Reporting Requirements

Not specified.

Audit Requirements

Not specified.

Financial Sustainability Expectations

Not specified.

Cost-sharing Structures

Partial subsidy with applicant contribution.

Indirect Cost Policies

Not specified.

Budget Flexibility Parameters

Not specified.

Financial Guarantees Required

Not specified.

6. Timeline and Implementation

Application Deadlines and Submission Windows

No specific deadlines mentioned; ongoing application possible.

Grant Duration Parameters

Not specified.

Implementation Timeline Expectations

Not specified.

Reporting Schedule and Frequency

Not specified.

Key Milestones and Deliverables Timeline

Not specified.

Monitoring and Evaluation Requirements

Not specified.

Implementation Phases Requirements

Cybersecurity verbetertrajecten offered in three packages: START, MEDIUM, PLUS.

Extension Possibilities

Not specified.

Project Planning Requirements

Not specified.

Progress Tracking Mechanisms

Not specified.

Post-grant Period Expectations

Not specified.

7. Compliance and Requirements

Regulatory Compliance Requirements

Compliance with NIS2 directive for applicable enterprises.

Required Permits and Authorizations

Not specified.

Data Protection and Privacy Regulations

Implicit in cybersecurity focus.

Environmental Compliance Requirements

Not specified.

Ethical Standards and Requirements

Not specified.

International Collaboration Regulations

Not specified.

Industry-specific Regulatory Compliance

NIS2 directive compliance required for certain enterprises.

Labor Standards Compliance

Not specified.

Tax Implications and Requirements

Some subsidies fall under de-minimis regulation with reporting obligations.

Reporting Compliance Requirements

Not specified.

Accessibility and Inclusion Standards

Not specified.

Legal Framework Compliance

Must comply with European state aid rules and de-minimis regulation.

8. Application Process

Required Documentation and Materials

Project plan, business case, and use of recognized service providers for cybersecurity trajectories.

Application Procedure and Steps

Applications submitted digitally via VLAIO e-loket or VLAIO app.

For Cybersecurity verbetertrajecten, select a recognized service provider.

Evaluation Criteria and Scoring System

Not explicitly specified.

Review Process and Timeline

Not specified.

Selection Criteria and Priorities

Priority to SMEs, maatwerkbedrijven, and enterprises under NIS2 directive.

Pre-application Requirements

Not specified.

Submission Format and Platform

Digital submission via VLAIO platforms.

Supporting Materials Required

Use of recognized service providers for cybersecurity improvement trajectories.

Interview or Presentation Requirements

Not specified.

Application Assistance Availability

VLAIO bedrijfsadviseurs provide guidance and coaching.

Resubmission Policies

Not specified.

9. Special Considerations

Unique Aspects or Requirements

Three versions of cybersecurity improvement trajectories to match enterprise needs.

Increased subsidy rates for cybersecurity-related training under Kmo-portefeuille.

Potential Challenges or Limitations

Must use recognized service providers for improvement trajectories.

De-minimis subsidy limits apply.

Strategic Alignment Opportunities

Alignment with European cybersecurity and digital innovation priorities.

Access to complementary European funding programs.

Competitive Advantages Factors

Early adoption of cybersecurity improvements.

Access to expert guidance and funding.

Cross-cutting Themes

Digitalization, cybersecurity, innovation, sustainability.

Innovation Requirements or Preferences

Support for innovative projects in cybersecurity and digitalization.

Research Component Requirements

Research projects require systematic knowledge building and innovation.

Risk Tolerance and Mitigation Expectations

Not specified.

Cultural and Contextual Considerations

Focus on Flemish enterprises.

Knowledge Sharing Expectations

Not specified.

10. Previous Funding Patterns

Historical Grant Recipients Profile

SMEs and maatwerkbedrijven in Flanders.

Enterprises under NIS2 directive.

Success Rate Statistics

Not specified.

Grant Size Trends

Cybersecurity verbetertrajecten between €8,500 and €35,000.

Kmo-portefeuille max €7,500 per year.

Innovatiesteun from €25,000 to €3 million.

Recurring Grantee Patterns

Not specified.

Geographic Distribution Patterns

Flemish region.

Sector Concentration Patterns

Focus on cybersecurity and digital innovation sectors.

Emerging Priority Areas

Cybersecurity maturity, NIS2 compliance, digital transformation.

Changes in Funding Criteria Over Time

Introduction of START package for initial cybersecurity analysis.

Success Stories and Case Studies

CGK Group and INNI Group cybersecurity improvement examples.

Lessons Learned from Previous Cycles

Importance of recognized service providers and tailored support packages.

Grant Details

cybersecurity digital security information security digitalization innovation research and development sme startup enterprise training consultancy nis2 directive technology digital transformation business continuity risk management iot security flemish region state aid de-minimis public funding economic development
Cybersecurity subsidies
VLAIO Cybersecurity subsidies
VLAIO Regional Innovation and Digitalization Support
SME ENTERPRISE NGO STARTUP
BE
TECHNOLOGY OTHER
IDEA DEVELOPMENT EARLY_MARKET GROWTH
0-10 11-50 51-250 251-500 500+
SDG8 SDG9
FUNDING TRAINING_EDUCATION RESEARCH_DEVELOPMENT MENTORSHIP
False
None
8500.00
3000000.00
EUR
50.00
Nov. 4, 2025, noon
2025-05-28 to 2025-11-04