Horizon Europe & Digital Europe

Mansfeld-Südharz, Germany - October 27, 2025

A county-scale roadmap for turning EU research calls into deployable cyber-resilience infrastructure without selling equity

The first time we printed out the Horizon Europe work-programme annex, it covered the conference table like a medieval map: here be dragons, here be gold. The dragons were the 40-page eligibility matrices; the gold was the €95 billion envelope that Brussels promises to spend between now and 2027 to make Europe “fit for the digital age”. For months we treated the document as decoration—until we realised that every page contains a footnote that prefers consortia able to demonstrate “deployment in a real community with structural challenges”. That footnote is a 12-point Times New Roman welcome mat laid directly at the gate of Anhalt-Bitterfeld. What follows is not a wish-list but a calendar: the exact calls we will apply to, the partners we will bring, the match-funding we have already ring-fenced, and the clauses that prevent equity dilution while keeping sovereignty non-negotiable.

The opening shot is HORIZON-CL3-2024-CS-014, the flagship call on advanced vulnerability analysis and threat intelligence. The topic text explicitly asks for “solutions that integrate human-risk factors with technical indicators” and “pilots in regions experiencing demographic or industrial transition”. Our bid—submitted in January under the working title “Rural Threat-Fusion Fabric”—pairs CypSec’s deception grid with Validato’s integrity graph, then adds the county’s vocational schools as living lab users. The Commission pre-evaluation score came back at 14.5 out of 15, with reviewers highlighting the rarity of a consortia that can offer both a sovereign cloud node and a shrink-wrapped governance model. If funded, the grant will inject €4.2 million over 36 months, of which 70 % is capital expenditure earmarked for a federated SOAR platform that will sit inside the county’s existing fibre loop. Match-funding is provided by the state development bank at 1 % interest, backed by the European Investment Fund guarantee, so no parent equity is required.

Parallel to CL3, we will chase HORIZON-CL4-2024-DIGITAL-EMERGING-02-02 on next-generation quantum-safe communication. The call demands “field trials outside 5G corridors” and “integration with classical IP backbones at sub-10 ms latency”. Our physical test site—the 4 km stretch between the former nitrate silos and the new biomass plant—already hosts a hybrid fibre/free-space-optics link that terminates in a post-quantum IPsec gateway. By adding a consortium of Dutch photonics start-ups and the regional utility, we satisfy the cross-border requirement while keeping the experimental traffic purely within community-owned assets. The bid volume is €3 million; the county’s contribution is offered in kind through dark-fibre strands that were laid for smart-metering but never lit, an asset that counts as 40 % match without touching cash.

The third pillar is the Digital Europe Programme’s “Cyber-Shield” work-stream, specifically the upcoming DIGITAL-EUROPE-2025-CYBER-SME call. Unlike Horizon, Cyber-Shield is 100 % procurement-driven: Brussels buys operational capacity instead of funding research. We will offer a bundled service package—shared SOC seats, policy-as-code pipelines, and NIS2 self-assessment tooling—for 180 SMEs in the chemical and logistics sectors. The unit price is capped at €18 000 per SME over 24 months, paid directly by the Commission to the Alliance via framework contract. The mechanism is crucial because it turns grant revenue into recurring service revenue without equity dilution; in financial terms it is a revolving advance that converts into ARR once the subsidy period expires. The county’s role is to certify local eligibility, a function that earns it a 5 % administrative fee—small in absolute numbers, but enough to fund the public observer seat in perpetuity.

"We finance sovereignty with Brussels’ money, but we keep the keys in the county clerk’s safe—because sovereignty that rents itself is just outsourcing with better branding."

To keep the calendar honest, we also track the calls we will deliberately skip. HORIZON-HEALTH-2025-DATA-04, for instance, offers generous budgets for health-sector cyber security, but requires patient-level medical data to leave the hospital trust. Because our charter forbids cross-border personal data transfer, we will abstain rather than bend the rule and later regret it. The same discipline applies to EDF (European Defence Fund) topics that demand ITAR-controlled components; we reference them in footnotes but steer clear, preserving the civilian character that makes the Alliance palatable to municipalities that do not want to be drawn into geopolitical signalling. Saying no is part of the funding strategy; every declined call is a guard-rail that keeps the cap table free of venture money and the data map free of jurisdictional stains.

Governance of the grant pipeline is handled by a two-person EU office embedded in the county administration. Their sole KPI is “draw-down velocity”: the percentage of approved funds that reach local suppliers within 90 days of signature. To protect that metric, every purchase order above €25 000 is pre-linked to a framework supplier that has already passed a sovereignty audit; that prevents the classic scenario where a grant is won but spent in a different postal code. The office also maintains a public dashboard—live next quarter—that shows call identifier, requested sum, match-funding source and expected local tax effect. The transparency is not altruism; it is insurance against the accusation that EU funds disappear into Berlin consultancies. When South-Tyrol replicated the model last month, they copied the dashboard before they copied the tech stack, confirming that trust is the first deliverable.

The final safeguard is the exit ramp. Every Horizon and Digital Europe contract we sign contains a clause that transfers foreground IP to the Alliance, but obliges us to license it back to any EU public body under FRAND terms once the project ends. That prevents the slow privatisation of publicly financed know-how and guarantees that a county in Greece or Finland can download the same Helm charts without paying a royalty to the parents. The clause is non-negotiable; we have already walked away from one consortium that refused it. Over time the accumulated IP will sit in a Git repository branded “EU Cyber Commons,” maintained by the Alliance but owned by no one and everyone at once—an open-source immune system that keeps rural Europe patched even if political winds shift.

Add the numbers and the pipeline reaches €11.2 million in committed grant requests over the next eighteen months, matched by €3.4 million of local assets and bank credit. No founding equity is consumed, no venture board is courted, and no data leaves the county unless it is encrypted with keys that stay in the county clerk’s safe. That is the real innovation: we found a way to make Brussels finance a sovereignty-first stack without asking permission to be sovereign.

The Cyber Resilience Alliance is a public-private partnership established 2025, led by CypSec, Validato and the County of Mansfeld-Südharz. The Alliance operates a sovereign private-cloud security stack, a shared SOC and an cyber academy, aiming to make Mansfeld-Südharz the reference site for rural cyber resilience by 2030.

Media Contact: Daria Fediay, Chief Executive Officer at CypSec - daria.fediay@cypsec.de.