Dynamic Risk Approaches for Automated Cyber Defence

The PANOPTESEC consortium will deliver a beyond-state-of-the-art prototype of a cyber defence decision support system, demonstrating a risk based approach to automated cyber defence that accounts for the dynamic nature of information and communications technologies (ICT) and the constantly evolving capabilities of cyber attackers. "Panoptes" is an ancient Greek term meaning 'all eyes' or 'all seeing'. This term has incorporated into the project name to represent the PANOPTESEC consortium because the overall goal of the PANOPTESEC project is to deliver a continuous cyber security monitoring and response capability.
Organizations have become increasingly dependent on networks and computer systems to support their business operations and services. Unfortunately, as this dependency has grown, the motives and capabilities of cyber adversaries to attack these systems are also increasing. Attackers are often able to penetrate computer systems to extract sensitive information, tamper with accuracy of the information and prevent access to essential services. Given the organizational dependency on the systems and services, any one of these tactics can have significant negative impacts on an organization's business capabilities, reputation and liabilities. In the era of open networks and platforms, attackers continue to find more venues to exploit these systems to cause substantial damage.
Despite the well-known need for continuous monitoring of ICT systems to detect vulnerabilities and attacks, as well as the need for rapid incident response, commercial solutions do not meet the demands of modern networks and systems.
The PANOPTESEC prototype will address these challenges by proactively and reactively evaluating system weaknesses, identifying potential attack paths, providing a list of prioritized response actions, and delivering a means to execute these responses; all supported by automated analysis engines. The resulting PANOPTESEC prototype will provide a continuous monitoring and response capability to prevent, detect, manage and react to cyber incidents in real-time. The near market-ready system will support breach notifications and improve situation awareness while supporting the decision-making process required by security personnel. PANOPTESEC will deliver this capability through an integrated and modular, standards-based integration of technologies that will collectively deliver the required capabilities.