Cybersecurity is increasingly being perceived as the greatest threat to every company and organisation in the world. While new regulations like the Network and Information Security (NIS) Directive and the General Data Protection Regulation (GDPR) are trying to improve cybersecurity, compliance can be challenging. This is particularly true for public administrations and SMEs, who often lack the resources to invest in the necessary state-of-the-art cybersecurity solutions. To help public administrations, NGOs and SMEs better detect and protect themselves against cybersecurity threats, the EU-funded CS-AWARE (A cybersecurity situational awareness and information sharing solution for local public administrations based on advanced big data analysis) project has developed a suite of simple, cost-effective cybersecurity awareness solutions. “CS-AWARE is a collection of innovative solutions that allow these entities to detect, classify and visualise cybersecurity incidents in real time, thus supporting the prevention and mitigation of cyberattacks,” says Juha Röning, a researcher at the University of Oulu in Finland and CS-AWARE project coordinator.
Built on situational awareness
At the heart of CS-AWARE is a cybersecurity situational awareness component that complies with current and forthcoming cybersecurity regulations. “Sharing information regarding cyberthreats is very beneficial to the entities receiving the information and is regarded as being one of the most important weapons against cybercrime,” explains Röning. “By taking advantage of existing shared cybersecurity-related information, not only does our solution enable and refine incident detection, it does so while meeting the information sharing requirements of the NIS and GDPR.” Although important, simply identifying, extracting and storing information about cyberthreats and events alone is not enough. “The sheer speed that such cyber-related information can be generated at is simply overwhelming, and neither the human brain nor basic screening systems are up to the task of processing big data incidents,” adds Röning. “Knowing this, our solution uses complex decision-making algorithms to first identify the most probable threats and then automatically refer them to specialists and other automated systems for processing and mitigation.” While CS-AWARE automates a significant part of the cybersecurity detection process, full automation is not yet possible. “Every local public authority has a different system, making it nearly impossible to create one-size-fits-all automated solutions,” notes Röning. “Instead, our solution uses dependency analysis based on soft systems thinking, which allows us to identify the most valuable parts of a particular system for monitoring.”
Piloted and validated solutions
The CS-AWARE solution was piloted and validated at two real-world sites, one in Larissa, Greece, and the other in Rome, Italy. Through scientific publications and its public deliverables, the project has also contributed to the development of open source for specific cybersecurity technologies. Most importantly, however, CS-AWARE put together a solid team of dedicated experts, many of whom are now working to commercialise the technology developed during the project through the newly established CS-Aware Corporation OÜ.
CS-AWARE, cyberattack, situational awareness, cybersecurity, network and information security directive, NIS, general data protection regulation, GDPR, cybercrime, big data