The Xunta launches a new aid programme totalling €1.5 million to strengthen the cybersecurity of Galician companies

  • The Official Journal of Galicia (DOG) publishes the call for a line that will cover up to 75% of the cost of specialised services provided by accredited entities.
  • The activities include risk diagnosis, implementation of advanced technical solutions, awareness-raising actions or assistance in the implementation of recognised standards.
  • The aid is processed on a non-competitive basis and payment will be made directly to the providers, so companies will not have to advance the cost.

Santiago de Compostela, 14 August 2025

The Official Journal of Galicia (DOG) publishes today the call for the Empresa Cibersegura 2025 programme, a new line of aid promoted by the Ministry of Economy and Industry through Igape, aimed at improving the digital preparedness of Galician companies against increasing risks in the digital environment.

With a total budget of 1.5 million euros, the programme will facilitate the adoption of advanced technical solutions in information security, reducing vulnerabilities and strengthening trust in the Galician digital ecosystem.

The call is designed to meet the needs of small, medium and large companies alike, promoting a true culture of cybersecurity within the productive fabric. Through accredited providers, beneficiary companies will be able to access a wide range of specialised services: from risk audits and vulnerability testing to the implementation of security systems, internal policies, or strategic support through the CISO as a Service model.

The aid intensity will be 75% of the eligible costs, with a maximum of 30,000 euros per project, and will be processed on a non-competitive basis, allowing grants to be awarded in the order applications are received that meet the requirements.

Moreover, the programme’s mechanics are designed to minimise the economic burden on companies, as payment will be made directly to the accredited provider, so the company will not need to advance funds. The possibility of an advance payment of up to 50% of the grant, following partial justification of the action, is also envisaged.

Three main blocks

The subsidisable activities range from an initial diagnosis of digital maturity and cybersecurity risks to the execution of specialised technical pathways in cloud environments (IaaS), information technologies (ITaaS) or industrial operational technologies (OTaaS). Also included are ethical hacking services, awareness campaigns, assistance in implementing quality and security standards, and even the contracting of strategic services in this field.

The deadline for specialised entities to apply for accreditation as providers will remain open until 25 September 2025. Once the list of accredited providers is resolved, the application phase for companies will open, with a deadline of 15 November 2025.

Through this line, the Xunta strengthens its commitment to a more modern, innovative and competitive productive fabric, contributing to the creation of a safer digital environment for the whole Galician society.

The call can be consulted in the Official Journal of Galicia.