Singapore & Malaysia: Grants & Support for SME Cybersecurity
Small and medium-sized enterprises (SMEs) in Singapore and Malaysia have access to numerous government grants and support programs to strengthen their cybersecurity posture. These programs can significantly reduce the financial burden of implementing robust security measures while helping businesses stay compliant with local regulations.
In this comprehensive guide, we'll explore the key cybersecurity grants, subsidies, and support programs available to SMEs in Singapore and Malaysia, along with practical advice on how to access and maximize these opportunities.
Singapore: Grants & Support for SME Cybersecurity
1. Productivity Solutions Grant (PSG) – Cybersecurity Solutions
The PSG (via the SMEs Go Digital programme) offers pre-approved cybersecurity solutions to SMEs, subsidising adoption of tools such as endpoint protection, firewalls, email security, backups, and more. Eligible SMEs can get funding through GoBusiness / Business Grants Portal once they select from a list of pre-approved vendors and solutions.
2. Cybersecurity Certification Grant (New)
This is a relatively new grant (2024-2025) for SMEs that want to get certified under schemes like the Cyber Essentials Mark or Cyber Trust Mark. It covers costs such as gap analyses, audits, implementation, and more. The subsidy can cover a large portion of costs (up to 80%) to help SMEs raise their cybersecurity standards.
Source: Advance IT
3. Cybersecurity Health Plan (CISO-as-a-Service)
Recognizing that many SMEs don't have in-house cybersecurity personnel, Singapore's Cyber Security Agency (CSA) launched a scheme to help SMEs engage cybersecurity consultants as a service (CISOaaS) for guidance. Under this scheme, CSA co-funds up to 70% of the costs in the first year, for defined services like "health checkups" of cyber posture, improving cyber hygiene, malware protection, and more, helping SMEs work toward national marks.
4. SME CyberResilience Programme (ST Engineering + IMDA)
This programme gives up to 2,000 SMEs free cyber threat scanning and expert guidance to boost awareness and resilience. It is more of a supportive programme rather than a grant, but extremely useful especially for SMEs wanting an entry point into cybersecurity readiness.
Source: ST Engineering
5. SG Cyber Safe Toolkits & Support from CSA
Besides grants and subsidies, CSA offers toolkits (Cyber Safe) for enterprise leaders, SME owners, IT teams, and staff to help improve cybersecurity awareness, set frameworks, and help businesses internalise cybersecurity best practices. These are free resources, not financial grants, but very helpful especially for SMEs just starting out.
Malaysia: Grants & Support for SME Cybersecurity
1. MSME Digital Grant MADANI
This is a key matching grant for Malaysian SMEs: up to 50% matching for costs (services/tools) including cybersecurity. The maximum is RM5,000. It's open to businesses operating at least 6 months, Malaysian ownership of ≥60%, etc. SMEs can apply via approved Digitalisation Partners. Examples of eligible cybersecurity categories include antivirus, firewall, backup, email filtering/antispam, cybersecurity awareness training.
Source: InternetNow Malaysia
2. PGPKS by CyberSecurity Malaysia – Cyber Security Health Check Program
PGPKS stands for "Program Penilaian Kesihatan Keselamatan Siber" (Cyber Security Health Assessment Program). It's complementary (free) and provides assessments in key cybersecurity components such as Governance, Risk & Compliance, malware scanning, vulnerability assessment / penetration testing, training and awareness. This gives SMEs a baseline understanding of their cybersecurity posture.
Source: CyberSecurity Malaysia
3. Industry 4.0 / Digi-Transformation Funding & Training
While not solely focused on cybersecurity, there are several programmes that include cybersecurity or allow cybersecurity-related expenses under their funding. For example:
- SME Technology Transformation Fund (STTF) by SME Bank: for tech solutions / services including software etc.
- RiSE4WRD for Industry 4.0 by HRD Corp: training including in cybersecurity, cloud, IoT etc.
Source: Funding Societies Malaysia Blog
4. Go-Digital-Digitalisation Matching Grants & Other Small-Grants Programmes
Malaysia's government under various digital economy and budget-initiatives has allocated matching grants for digitalisation. Some of these include cybersecurity or at least cover cybersecurity tools as part of digital tools adoption. For instance in Budget 2024, digitalisation grants up to RM5,000 that SMEs can use to upgrade systems which may include cybersecurity features.
Sources: BusinessToday, SME Digitalisation Grant
What SMEs Should Know / How to Access These Support Programs
Eligibility Matters
Most grants require the business to be properly registered (SSM etc in Malaysia; Singapore registered with local shareholding), have been operating for a minimum period, sometimes meet turnover thresholds, sometimes local ownership percentages. Always check the specific eligibility.
Scope of Coverage
Some grants are for tools, software, hardware, or services; some cover training, audits, awareness, or consultation. Not all cybersecurity expenses qualify under every grant.
Matching vs Subsidy
In Malaysia many programmes are matching grants (you pay part, government matches part). In Singapore some are subsidy (government pays a portion directly). Knowing this helps in budgeting.
Pre-approved Vendors / Solution Providers
For a lot of programmes (especially Singapore's PSG / SMEs Go Digital / certification grants), you must use vendors or solutions that are pre-approved or meet certain criteria. Choosing a vendor outside the list may disqualify your application.
Combining Support
Sometimes SMEs can "stack" or combine different grants or subsidies (e.g. subsidy + training grants + matching funds), but care is needed to check overlapping or mutual exclusion. It helps to plan the project end-to-end.
Don't Forget Non-Financial Support
Many of these programs also include free resources, toolkits, health checks, threat assessments, etc., to help SMEs identify what they need first before investing heavily. These are lower risk ways to start improving cybersecurity.
Getting Started: Action Steps for SMEs
Step 1: Assess Your Current State
Take advantage of free cybersecurity health checks and assessments available in both countries before applying for grants.
Step 2: Identify Your Needs
Determine what cybersecurity tools, training, or services your business needs most urgently.
Step 3: Research Eligibility
Check the specific requirements for each grant program you're interested in, including business registration, ownership, and operational history requirements.
Step 4: Plan Your Investment
Consider how different grants can be combined and create a comprehensive cybersecurity improvement plan.
Step 5: Apply Early
Many grant programs have limited budgets and are awarded on a first-come, first-served basis.
Conclusion
Both Singapore and Malaysia offer substantial support for SMEs looking to improve their cybersecurity posture. From financial grants covering up to 80% of costs to free assessments and toolkits, there are multiple pathways for businesses to strengthen their security without breaking the bank.
The key is to start with a clear understanding of your current cybersecurity state, identify your most pressing needs, and then strategically apply for the most relevant support programs. Don't overlook the non-financial support available – sometimes a free cybersecurity health check or toolkit can provide the foundation you need to make informed decisions about your security investments.