Subsidies for cybersecurity investments
December 2021 – Since 1 January 2021, Flanders has been providing a subsidy for so-called cybersecurity improvement projects. During such a journey, the company can count on the assistance of an approved service provider to improve its security. In September 2021, a 'basic version that everyone can understand' was presented.
Flemish cybersecurity improvement paths
The Cybersecurity Improvement Paths consist of a range of services offered on the basis of a framework contract of the Flemish Authority. The Flemish Authority helps your company to purchase the external advice and support needed to raise its level of cybersecurity maturity.
In concrete terms, you can receive support if you call on one of the approved service providers for the following areas:
protection of technological domains ;
user management;
attention to cybersecurity in the development of new digital products and services
training and awareness-raising of your employees;
Preparing the company for possible incidents.
The service provider will perform the following tasks
in-depth (technical) analysis of the company's cybersecurity maturity ;
drawing up an action plan to improve cybersecurity within the company;
provision of advice/guidance to address the priority security issues identified.
The basic package offered by these service providers costs between 25 000 euros and 30 000 euros, excluding VAT. VLAIO covers up to 45% of the cost (including VAT) and pays this amount directly to the service provider.
This support is reserved for SMEs (meeting the European definition of an SME) active in the private sector and established in Flanders.
Extended access
In September, the Flemish Government adopted two additional measures to encourage companies to use cybersecurity support.
On the one hand, it provided for so-called basic cybersecurity improvement paths that are intended for SMEs that want to introduce cybersecurity and/or have a less complex IT/OT environment. The cost of this basic version varies between 15 000 euros and 20 000 euros. The package includes fewer services, but the government also contributes 45% here.
The Flemish Authority also extends the so-called KMO-portfolio to investments in cyber security. The KMO-portfolio is an initiative to provide financial support for the purchase of services to improve the quality of the company. Normally, the support is set at 30% for small companies and 20% for medium-sized companies (with a maximum of 7 500 euros per year). But for services related to cyber security, this percentage is increased to 45% for small enterprises and 35% for medium-sized enterprises (the annual maximum remains the same).
Wallonia and Brussels
Wallonia applies the "Chèques-Entreprises en cybersécurité" system. 60 000 euros over a period of three years and must be spent on carrying out a cybersecurity audit within the company and on the intervention of external services to put in place a cybersecurity policy.
The Brussels-Capital Region has not provided any specific aid for cybersecurity-related services. On the other hand, it does grant a premium for consultancy. Consultancy services are only subsidised if they relate to certain areas, including digitalisation and IT security. Depending on the criteria met (you are a start-up, run a social enterprise, have a diversity plan, etc.), the rate of the grant varies from 40% to 60%, with a maximum amount of 10 000 euros.
Essential investment
It is clear that we are facing an increase in cybercrime and the damage it causes is often not limited to physical damage to investments caused by theft or vandalism. It is therefore essential to invest in cyber security. If you look hard enough, you will find that there is no shortage of regional incentives to help you.