Cyber Security Small Business Program

At a glance

Open

Provides businesses with 19 or fewer employees with a grant of up to $2,100 for a certified small business cyber security health check to determine business risk and areas that need attention.

Who can apply:

At a minimum, you must:

  • have a certified small business health check undertaken by a certified CREST approved provider
  • have an Australian Business Number (ABN)
  • be registered for the Goods and Services Tax (GST)
  • employ 19 or fewer full-time equivalent employees
  • and be one of the following:
    • an entity incorporated in Australia
    • a partnership
    • a sole trader.

Other eligibility requirements apply.

Deadline to apply:

The program will close earlier if the funding is fully committed.

Contact information:

13 28 46

business.gov.au/contact

Overview

The Cyber Security Small Business Program will support small businesses across Australia to have their cyber security tested by a provider that has been approved by the Council of Registered Ethical Security Testers Australia New Zealand (CREST).

Grants will be provided to small businesses (with 19 or fewer employees) for up to 50 per cent of the cost of a micro, small or standard certified small business check. These health checks are essentially the same, but vary in price depending on the number of devices that are tested.

  • The maximum grant amount is $2,100.
  • The grant amount will be up to 50 per cent of eligible project costs.

About CREST

CREST Australia New Zealand provides assessment, accreditation, certification, education and training in cyber and information security for individuals and corporate entities. CREST certified information security professionals have passed an examination process as well as background vetting, and the companies that they work for (CREST approved companies) are audited by CREST and have signed up to the CREST code of conduct.

CREST logo

Eligibility criteria

To be eligible you must:

  • have an Australian Business Number (ABN)
  • be registered for the Goods and Services Tax (GST)
  • employ 19 or fewer full-time equivalent employees
  • and be one of the following:
    • an entity incorporated in Australia
    • a partnership
    • a sole trader

You are not eligible to apply if you are:

  • a trust (however, an incorporated trustee may apply on behalf of a trust)
  • a publicly funded research organisation (PFRO) as defined in appendix A of the grant opportunity guidelines
  • a Commonwealth, state, territory or local government body (including government business enterprises)
  • a business that employs more than 19 full-time equivalent people

You are not eligible to apply if you have previously received funding under the Cyber Security Small Business Program.

How to apply

The following process outlines how you apply for a grant:

  1. register for a health check on the CREST small business website.
  2. have the certified small business health check undertaken by a certified CREST approved provider.
  3. pay in full the tax invoice from the CREST approved provider.
  4. complete and submit an application to the department for reimbursement of a grant up to $2,100. You must include a tax invoice from your CREST approved provider, quoting a CREST test certificate number, as evidence of your expenditure.
  5. enter into a grant agreement with the department and receive a payment once eligibility is confirmed and subject to available funding.

You should read the grant program guidelines and sample grant agreement before you apply. Grant opportunity guidelines provide detailed information on the grant opportunity, including granting activity objectives; all eligibility criteria; the assessment processes; reporting and acquittal requirements; and a description of review mechanisms.

When you submit your online application for reimbursement, we will provide you with an automated receipt number and a link. The link goes to a page where you can enter your email address to receive acknowledgment and a copy of your complete application.

For assistance with the application form, contact us.

How we assess applications

We assess your application against the eligibility criteria.

You will need to provide a tax invoice from your CREST approved provider, quoting a CREST test certificate number, as evidence of your expenditure.

You must pay for the certified small business health check upfront. Once eligibility is confirmed, we will pay you the grant.

The program delegate will make the final decision. The program delegate will not approve funding if there is insufficient program funds across relevant financial years for the program.

If your application is successful

If your application is successful you will receive written notification in the form of an approval letter grant agreement.

If you are unsuccessful, we will notify you in writing. You can submit a new application while the program is open and while funds are still available so long as you address the reasons why you were unsuccessful.

You will need to provide a tax invoice from your CREST approved provider, quoting a CREST test certificate number, as evidence of your expenditure.

We will pay 100 per cent of the grant on execution of the grant agreement.

Payments will be made by direct credit into a nominated bank account.

Key documents

  • Grant opportunity guidelines
  • Factsheet
  • Sample application form
  • Sample grant agreement - approval letter
  • FAQs

Thanks for your feedback. If you have any ideas on how we can improve, we'd love to hear them.

Please provide your comments in the feedback form.

You might also be interested in