Open Invitation

Mansfeld-Südharz, Germany - November 14, 2025

A €2.5 million fund for practical resilience projects that can run on a rural sovereign cloud and show results within twelve months

The Cyber Resilience Alliance is often portrayed as a brick-and-mortar cluster, yet its most critical component is still missing: the steady pulse of external minds willing to stress-test assumptions faster than any internal roadmap can. Today we are opening a competitive fund seeded with €2.5 million from the European Regional Development Fund plus matching county capital, earmarked exclusively for researchers and start-ups who can demonstrate novel approaches to resilience that survive—and thrive—outside the neon of capital cities. The call is deliberately narrow: we want projects that can be deployed inside our sovereign cloud, measured against NIS2 metrics and wrapped up in under a year, leaving behind open artefacts that any Mittelstand firm can re-run without licensing friction.

The application window runs from 15 January to 15 March 2026, with funding decisions published by 30 April and project kick-off mandatory before August. Individual grants range from €50k for single-investigator studies to €150k for consortia that include at least one commercial entity incorporated less than five years ago. The money is disbursed as a cost-reimbursement voucher, not equity, and the intellectual-property regime is refreshingly simple: whatever you invent remains yours, but you must publish a reproducible artifact—code, data set, or hardware diagram—under an OSI-approved or Creative Commons licence at the moment final payment is released. That clause keeps the fund from becoming a stealth incubator for proprietary tooling while still allowing start-ups to commercialise support, hosting or premium features on top of the open core.

We are not shopping for moonshots. The evaluation matrix rewards incremental realism: 40 % weight on technical feasibility inside a twelve-month horizon, 30 % on measurable impact against the NIS2 incident-response timeline, 20 % on replicability in a rural county with fewer than 200 000 inhabitants, and 10 % on diversity of the team. The last criterion is quantitative, not rhetorical: at least one member of the applying group must come from a region that scores below 75 % of EU average GDP per capita, a filter that automatically steers capital toward talent that already understands bandwidth constraints and legacy hardware. If your prototype assumes 100 Gbps uplinks and GPU farms, it will score zero on replicability; if it runs on a five-node Kubernetes cluster that fits into a former tractor shed, you are speaking our language.

Applicants gain automatic access to the Alliance’s sandbox fabric: 400 vCPUs, 20 TB of encrypted object storage, a 100 Gbps peering link to DE-CIX Leipzig and a disconnected OT room that mirrors the network of a mid-size chemical plant down to the last Siemens S7. The environment is air-gapped on request, yet can be re-hydrated in under an hour through a GitOps pipeline that pulls only signed images. We also provide a curated data set of 1.4 million synthetic security events generated during the last twelve months of SOC operations, complete with STIX 2.1 labels and MITRE ATT&CK mappings, so researchers do not have to waste the first six months begging for logs. If your work requires physical layer access—RF sniffing, power-analysis, or hardware trojans—you will receive magnetic-badge access to the cyber-range hall where we keep legacy SCADA racks, a private 5G stand-alone cell and a Faraday cage big enough for a truck. The cage is already booked for three weeks in 2026, so mention the request early; we allocate on a first-come, first-served basis with a maximum of ten consecutive days to keep the queue fair.

"We fund tinkerers, not titans: show us a fortress that fits in a tractor shed and we will give you the keys to the sovereign cloud."

Start-ups often ask about follow-on capital. The grant itself carries no equity option, but successful pilots receive a pre-qualified introduction to the European Investment Fund’s Cyber-Shield facility, which can provide venture debt up to €2 million backed by a 75 % EU guarantee. More importantly, the county’s own promotional bank offers a convertible note capped at 1.5× the grant amount, priced at the next qualified funding round with a 20 % discount and no board seat. Taken together, a €150k grant can unlock a €500k runway without forcing founders to leave the region or surrender strategic control. The only condition is that the subsequent headquarters or primary R&D remains within 50 kilometres of Dessau-Roßlau for at least five years, a clause designed to keep talent from leaking to Berlin the moment the term-sheet is signed.

We schedule two open Q&A sessions on Zoom (15 January and 15 February) and one in-person town-hall at the Anhalt-University auditorium (1 March). No registration fee, but seats are limited to 200 and we stream on YouTube with simultaneous translation into German and Ukrainian. Slides and recordings will be published under CC-BY the next day, so travelling is optional; showing up, however, gives you a chance to meet the county’s economic-development officers who sign off on re-location subsidies worth up to €30k per full-time employee if you decide to stay. Previous winners of smaller county grants will be present to describe the bureaucracy in plain language—usually less than six forms and a three-week turnaround, according to last year’s cohort.

Submissions are handled entirely through the Alliance portal running on a sovereign GitLab instance hosted inside the county’s own data centre. You upload a five-page project outline, a one-page budget table and a two-minute video pitch; no glossy brochures, no letters of intent from potential customers, no venture-capital term-sheets. The review panel consists of five people: one CypSec engineer, one Validato compliance officer, one county civil servant, one external academic and one student representative from the local technical college. Scores are published anonymised within 48 hours after the decision, and unsuccessful applicants receive a one-page debrief that can be resubmitted in the next call without prejudice. We think transparency is cheaper than lobbying, and the process doubles as a stress-test for our own ticketing system.

The clock is ticking, but not thundering. If you miss this window, the next call opens in November 2026 with the same envelope, yet the competition will almost certainly be steeper once the first success stories circulate. Our advice is simple: bring a problem that keeps a plant manager awake, design a solution that respects 1990s copper wiring, and keep your slide deck under five minutes. We are not looking for heroes; we are looking for tinkerers who can turn a tractor shed into a fortress and document every bolt so the next village can do the same. If that sounds like you, the gate is open—and the bitumen no longer smells of bitumen, but of possibility.

The Cyber Resilience Alliance is a public-private partnership established 2025, led by CypSec, Validato and the County of Mansfeld-Südharz. The Alliance operates a sovereign private-cloud security stack, a shared SOC and an cyber academy, aiming to make Mansfeld-Südharz the reference site for rural cyber resilience by 2030.

Media Contact: Daria Fediay, Chief Executive Officer at CypSec - daria.fediay@cypsec.de.