European Commission logo
English English
CORDIS - EU research results
CORDIS

Bridging the security, privacy and data protection gap for smaller enterprises in Europe

Project description

Helping SMEs comply with personal data protection requirements

Millions of small and medium enterprises (SMEs) in Europe do not comply with the EU’s General Data Protection Regulation (GDPR). Unlike larger enterprises, SMEs are more likely to lack a clear roadmap to compliance. Many also cannot afford access to enterprise-grade cybersecurity technology. The EU-funded SENTINEL project will work to boost SME capabilities in this domain cost-effectively through innovation. It will integrate tried-and-tested modular cybersecurity technologies with fresh, ambitious ones, such as a novel identity management system for human-centric data portability. The aim will be to enable a unified European data space and an end-to-end digital personal data protection compliance self-assessment framework for SMEs.

Objective

Over 25 million European SMEs/MEs, central within EU enterprise policy, face multiple challenges related to personal data protection; ranging from awareness, to a clear and practical roadmap to compliance, the most prominent one is the fact that, unlike larger enterprises, SMEs/MEs lack access to enterprise-grade cybersecurity technology and capacity-building for compliance, making them increasingly often victims of costly data breaches. Although, according to studies, small and micro businesses declare openness to invest in regulatory compliance, including for consultants and technology, millions of European SMEs/MEs still fail to comply with GDPR while their managers are confused about basic data security concepts, like data stewardship, encryption and secure communication. This presents a clear gap between cybersecurity- and privacy-related spending and its actual effect in personal data protection compliance.
SENTINEL aspires to bridge this gap by boosting SMEs/MEs capabilities in this domain through innovation, at a cost-effective level. SENTINEL will integrate tried-and-tested modular cybersecurity technologies with fresh, ambitious ones, such as a novel Identity Management System for human-centric data portability, enabling a unified “European Data Space” and an end-to-end digital personal data protection compliance self-assessment framework for SMEs, into a unified digital architecture. The data from these modules will then undergo disruptive Intelligence for Compliance through SENTINEL’s digital core, featuring machine learning-powered recommendations, policy drafting & enforcement for compliance and a ‘one-stop-shop’ incident response centre. Combined with a well-researched methodology for application, an open knowledge sharing hub and a wide-reaching plan for experimentation, SENTINEL will catalyse adoption of market-leading security tech among SMEs/MEs and help safeguard their and their customers’ assets.

Call for proposal

H2020-SU-DS-2018-2019-2020

See other projects for this call

Sub call

H2020-SU-DS-2020

Coordinator

INFORMATION TECHNOLOGY FOR MARKET LEADERSHIP
Net EU contribution
€ 555 349,50
Address
KATECHAKI 22
115 25 Athina
Greece

See on map

SME

The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed.

Yes
Region
Αττική Aττική Κεντρικός Τομέας Αθηνών
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
Links
Total cost
€ 793 356,43

Participants (13)