SECURITY OPERATIONS CENTER (SOCs) PROGRAM AND CYBERSECURITY CERTIFICATIONS SPRI

Objetive

The purpose of the Program is to promote those projects that contribute to the significant improvement of cybersecurity in SMEs (individuals and/or legal entities) with activity in the CAE.

The Program includes two lines of aid:

LINE 1: SOC Service in SMEs: aims to support the contracting of Security Operations Center (hereinafter SOC) services in small and medium-sized enterprises (SMEs) with activity in the CAE.

LINE 2: Pentesting Service and Certifications in SMEs: aims to support each and every one of the phases of the projects of small and medium-sized enterprises (SMEs) with activity in the CAE aimed at adapting or obtaining a certification in any norm, scheme or standard of Cybersecurity.

Targeting

SMEs (natural and/or legal persons, according to Commission Recommendation 2003/361/EC of May 6, 2003) with activity in the CAE.

Description

Having solid cybersecurity monitoring and certification mechanisms in place is essential for Basque companies to be able to respond effectively to the challenges arising from their digital transformation.

With the increase in the frequency and sophistication of cyber-attacks, companies are forced to strengthen their security systems. This challenge becomes even more crucial in the context of digitalization, where any vulnerability can be exploited for malicious purposes, affecting both the supply chain and the stability of their critical processes.

For this reason, the SOCs and Cyber Certifications Aid Program offers up to €25,000 per company, aimed at hiring specialized cybersecurity services and obtaining recognized certifications, with the aim of strengthening the Basque business fabric and ensuring its competitiveness in an increasingly challenging digital environment.

two lines of aid with different purposes:

Line 1_

SOC service in SMEs
Aid aimed at the contracting and implementation of Security Operations Centers (SOCs) services, which include surveillance and monitoring of the IT/OT infrastructure of companies, detection and response to incidents or suspicious behavior, and mitigation actions implemented by the service providers.

Expenses will be covered for a maximum period of 12 months.

Line 2_.

Pentesting and Certification Service for SMEs
Assistance aimed at supporting the adequacy or obtaining of a certification in any norm, scheme or standard of Cybersecurity.

These actions include the identification of vulnerabilities through pentesting, the development of an action plan to obtain certification, the development of pre-audits to evaluate systems or processes, and the performance of audits and issuance of certification, including follow-up audits.

Expenses will be covered for a maximum period of 12 months.

Face the digital transformation of your company ensuring its protection with the support of the best cybersecurity experts.
01_ Up to 25,000 euros per company

Non-repayable aid of 75% and up to 25,000 euros per company so that you can reduce the economic burden that investment in cybersecurity may entail.

This will allow you to access financial resources to strengthen your defenses against cyber-attacks, facilitating investment in technology and certifications without assuming the full cost of the project so that it does not affect your budget in the long term.

02_ Strengthen your cyber-attack defense systems

We provide you with financing for the implementation of advanced security measures, such as SOC (Security Operations Centers) services.

SOC services enable constant monitoring of IT/OT infrastructures, proactively detecting and responding to potential threats.

You will be able to reduce security breaches and ensure that your company is better prepared to withstand cyber-attacks, protecting both your data and your critical operations.

03_ Reduce reaction time to incidents and mitigate potential damage

SOC services are designed to detect early on any suspicious activity or anomalies in systems, enabling an immediate response to potential cyber-attacks.

By identifying and responding to threats at their earliest stages, attackers are prevented from exploiting vulnerabilities for extended periods, minimizing both the impact and costs associated with recovery.

In addition, mitigation actions deployed by SOC’s specialized third-party vendors help contain and resolve incidents quickly, protecting critical data and key business processes.

04_ Obtain the most recognized certifications in cybersecurity

Obtaining recognized certifications in cybersecurity, such as ISO 27001, National Security Scheme (ENS) or TISAX, offers companies a guarantee that they comply with the highest standards of information protection and risk management.

These certifications are internationally recognized and demonstrate to customers, partners and suppliers that the company has implemented effective security controls to protect their data and operations.

This increases trust in business relationships and can open up opportunities in markets where cybersecurity is a prerequisite, as well as ensuring that the company is aligned with current data protection rules and regulations.

05_ Access to top cybersecurity experts

The program covers the costs of external providers specialized in cybersecurity, ensuring that SMEs have highly trained professionals to assess and improve their security systems, implement advanced solutions and resolve any vulnerabilities in their processes.

By covering these costs, companies have access to expert knowledge without having to assume the full cost, allowing them to strengthen their cybersecurity effectively and with the help of the best specialists in the sector.

Learn more about this program in detail

Regulation 2024-2025

Comprehensive support
To improve cybersecurity from prevention to immediate response.
To obtain the most demanding cybersecurity certifications.
To hire a specialized provider to help you throughout the process.
Hardware and software
Hardware and software expenses necessary to advance in the process of adaptation to a standard or to obtain a cybersecurity certification are eligible.
It cannot exceed 80% of the maximum budget accepted for the grant.

Grant type

Resolución sucesiva.