While businesses and consumers have embraced digitalisation during the COVID-19 pandemic, computerised solutions have also exposed cybersecurity shortcomings. THREAT-ARREST’s prototype cybersecurity training platform could help mitigate the dangers.

Security

A key challenge for effective cybersecurity is that the general public are often unaware of the dangers, as well as suitable tools to mitigate risks. Large organisations and critical infrastructure operators are not immune, as many continue to view cybersecurity as an ‘extra’ expense, with limited budgets to match. These problems are compounded by few national strategies to promote or support the building of cyber resilience. To address some of these challenges, the EU-supported THREAT-ARREST’s prototype cybersecurity platform integrates training scenarios tailored to users ranging from novices to experts and professionals. “While modern cybersecurity systems benefit from automation, they often suffer from poor customisation for end users,” says project coordinator Sotiris Ioannidis from the Foundation for Research and Technology – Hellas.

Adaptive training platform

THREAT-ARREST’s cloud-based training platform is accessible via the internet. Once a training programme is selected, users interact through the system’s web interface with a virtual training environment. The prototype currently comprises three complete training programmes: general security awareness, edge system security and back-end security. Once training is completed, performance is assessed and the trainee can receive a certificate of completion mapped to relevant certification schemes from ISACA, ISC2 or CSA, which all collaborated with the project. To increase the security capacity of organisations, THREAT-ARREST deployed specialised AI-driven tools such as Sphynx’s Security & Privacy Assurance Service, enhanced by the project, to analyse current systems and identify potential vulnerabilities. Employee training programmes were then customised accordingly. “Our approach actively transfers knowledge from specific cybersecurity environments back to the platform, in a feedback loop. This not only builds overall system capacity but guides trainees to apply their learning in their workplace by adjusting behaviours and practices,” explains Ioannidis. THREAT-ARREST was validated in three pilots integrated within training programmes designed for smart energy, smart healthcare and smart shipping. After THREAT-ARREST’s Assurance Tool had assessed each organisation’s security profile, 15-20 trainees – including basic users, technicians, physicians, administrators and security engineers – were trained. The project also ensured that the relevant adjustments were made to the organisation’s security apparatus. Two of the pilots have subsequently expressed their interest in incorporating THREAT-ARREST into their organisational training programme.

Consolidating European resources

The forthcoming EU Network and Information Security Directive could help create a comprehensive European cybersecurity framework. It stipulates the national capabilities necessary for effective cybersecurity, while fostering transnational cooperation. The team have reached an interoperability agreement with two other platforms, KYPO and SPIDER, meaning the platforms will be able to share use scenarios automatically or semi-automatically. Additionally, the training programmes are available for purchase within the ECHO project’s cybersecurity marketplace, as stand-alone packages or in some cases in combination with others. The team are currently setting up an Exploitation Committee with project partners to maintain collaborations. The Committee will pursue certification of THREAT-ARREST’s training programmes by industry bodies, seek support from the Cyber Competence Network, and establish a technical and operational federation of EU cybersecurity platforms. “Ultimately we expect to adopt a freemium business model, with free or cheap generic programmes for the general public and advanced certification training, alongside fully customised solutions, sold to professionals and large organisations,” concludes Ioannidis.

Keywords

THREAT-ARREST, cybersecurity, training, interoperability