Common Good Cyber Fund: A New Global Grant Program Supporting Cybersecurity Nonprofits

The Common Good Cyber Fund (CGCF) is a multi-year funding initiative designed to strengthen global digital cybersecurity by supporting nonprofit organizations that deliver critical services underpinning the Internet’s core infrastructure and protecting civil society actors at high risk, including NGOs, journalists, and human rights defenders. CGCF addresses the persistent underfunding of essential cybersecurity capabilities—such as secure DNS and routing, threat intelligence, rapid incident response, and training—by directing resources to where they can most effectively improve resilience, safeguard vulnerable users, and strengthen the Internet as a global public resource.

Specifically, Common Good Cyber Fund focuses on building a resilient and sustainable ecosystem of global nonprofit organizations working in cybersecurity whose efforts support:

• Maintenance of critical cybersecurity infrastructure.
• Delivery of scalable support to secure Internet users from digital harm, including  state-directed cyber activity and digital transnational repression.
• Advancement of a safer Internet for vulnerable groups and high-risk communities, including civil society and journalists.

The Internet Society Foundation implements the grantmaking component on behalf of the Internet Society, in close collaboration with the Global Cyber Alliance/Common Good Cyber Initiative and a Strategic Advisory Committee. This fund consists of pooled donations from a mix of donors, including the governments of Australia, Canada, the Netherlands, and the United Kingdom, as well as Craig Newmark Philanthropies and the Internet Society. 

Pilot

In late 2025, the Internet Society Foundation launched a pilot of the Common Good Cyber Fund grant strategy to serve as a proof of concept for the fund and to address urgent financial needs in the global cybersecurity nonprofit ecosystem. A small group of nonprofit cybersecurity-focused organizations was invited to apply for the pilot grants.

In total, six grants were awarded. We are pleased to present the pilot cohort:

• Access Now – USD $400,000
  • This grant will help advance Access Now’s 24/7 Digital Security Helpline and support their related strategic planning efforts and bolster the resilience of their cybersecurity and data protection advocacy work, among their other cybersecurity service offerings.
• CyberPeace Institute – USD $300,000
  • This grant will provide general operating support to CyberPeace Institute to scale up the CyberPeace Builders program, delivering practical cybersecurity assessments, training, and incident support to high-risk civil society groups and vulnerable users. By the end of 2026, the program anticipates engaging at least 150 at-risk actors, executing 15 virtual and in-person workshops, and supporting 10 new organizations.
• Forum of Incident Response and Security Teams (FIRST) – USD $200,000
  • This grant will support enhancements to FIRST’s Community and Capacity Building activities and will allow them to hire a new project manager to scale their training delivery and bolster incident response community engagement, including increased collaboration with the Americas region. By the end of the grant period, FIRST will also carry out at least 20 operational training workshops.
• Global Cyber Alliance Inc – USD $300,000
  • This grant will support Global Cyber Alliance in filling the role of the Ecosystem Manager of Common Good Cyber and Chair of the Strategic Advisory Committee, as well as providing general operating support of their Internet Integrity and Capacity & Resilience programs.
• Internet Security Research Group (ISRG) – USD $300,000
  • This grant will support ISRG’s critical operational activities, including communications and fundraising efforts, and restructuring its database to accommodate a growing number of TLS certificates provided through the Let’s Encrypt program. By the end of 2026, ISRG expects to actively secure at least one billion websites with free TLS certificates.
• Shadowserver Foundation – USD $400,000
  • This grant will allow Shadowserver Foundation to sustain and scale its global, no-cost threat intelligence services by supporting core operations. These include daily IPv4 / targeted IPv6 scanning, the CAPRICA honeypot network, malware analysis, and botnet sinkholing, all of which combine to enable Shadowserver to provide free, daily, network remediation reports to national CSIRTs covering 175 countries and to 9,000+ network owners across all sectors to help them secure their networks. 

Open Call

Following the success of the pilot phase, we will launch an open call for proposals from 23 June to 4 August 2026 for at least USD $3.5 million disbursed through an estimated 15 two-year grants.

The funding will continue to specifically support nonprofit organizations that strengthen digital security and resilience for civil society and protect vulnerable users from digital harm, (such as acts of digital transnational repression). Activities that are in scope for eligible nonprofits include, but are not limited to:

• Provision and maintenance of secure communications infrastructure and tools.
• Threat detection, mitigation, and response services.
• DNS and Internet routing security initiatives.
• Threat intelligence sharing and coordination.
• Capacity-building for frontline defenders.
• Public-interest cybersecurity research and development.

More information about the open call, including eligibility requirements, is available on the Common Good Cyber Fund program page.

---

Explore our Funding Areas to see how we support the global Internet community, and subscribe to our newsletter for the latest news and announcements from our projects.