Periodic Reporting for period 1 - CS-AWARE-NEXT (Dynamic cybersecurity management for organisations and local/regional networks based on awareness and collaboration)
Reporting period: 2022-07-01 to 2023-12-31
CS-AWARE-NEXT aims to provide improved cybersecurity management capabilities to organizations and local/regional supply networks. Such organisations and networks operate in a highly dynamic cybersecurity environment, and are required to comply with prevailing European legislation such as the network and information security (NIS) directive. The way such organizations approach cybersecurity increasingly needs to be more dynamic and more collaborative, building on a shared situational awareness of potential cybersecurity issues relevant to the organisations and networks in question. To achieve this, CS-AWARE-NEXT has identified several focus areas to be addressed: (a) Improved organisational policy support to enable organizations to deal better with the dynamic nature of cybersecurity. (b) Greatly enhanced cooperation/collaboration within the organization and with external actors, such as those comprising the local/regional supply chain. (c) Better integration of threat intelligence in operational cybersecurity management using innovative AI approaches and techniques. (d) Much improved disaster recovery/business continuity, integrated in operational cybersecurity management. (e) Elevated evidence collection and information sharing with relevant actors on the multi-level European cybersecurity framework. (f) Improved capacity for enabling organizations to assess their security status in comparison with other relevant actors through benchmarking and profiling. CS-AWARE-NEXT builds on the awareness, cybersecurity information sharing, and system self-healing capabilities of the CS-AWARE platform developed during the H2020 project of the same name. The integration of the advanced capabilities of CS-AWARE-NEXT will enable organizations and dependent supply networks to be much more effective and efficient in their use of cybersecurity platforms like CS-AWARE, supporting their day-to-day cybersecurity risk and incident management operations.
CS-AWARE-NEXT comprises 8 objectives which we briefly describe below:
Objective 1: Improved organisational policy support for dynamic cybersecurity management
Objective 2: Better cybersecurity cooperation and collaboration on the local and regional level
Objective 3: Improved data quality assessment and AI-based data correlation for utilising threat intelligence and social media in dynamic incident and risk management
Objective 4: Dynamic disaster recovery, business continuity and system self-healing on the organisational and local/regional level
Objective 5: Improved integration of threat intelligence and information sharing in organisational cybersecurity management
Objective 6: Define KPI based benchmarking and profiling to dynamically assess the security state in the multilevel cybersecurity environment
Objective 7: Provide a reference implementation and deployment in the context of the CS-AWARE cybersecurity awareness and collaboration platform
Objective 8: Follow an agile, design-science based approach to project implementation and validation, with end-user involvement in all project phases
CS-AWARE-NEXT comprises 8 objectives which we briefly describe below:
Objective 1: Improved organisational policy support for dynamic cybersecurity management
Objective 2: Better cybersecurity cooperation and collaboration on the local and regional level
Objective 3: Improved data quality assessment and AI-based data correlation for utilising threat intelligence and social media in dynamic incident and risk management
Objective 4: Dynamic disaster recovery, business continuity and system self-healing on the organisational and local/regional level
Objective 5: Improved integration of threat intelligence and information sharing in organisational cybersecurity management
Objective 6: Define KPI based benchmarking and profiling to dynamically assess the security state in the multilevel cybersecurity environment
Objective 7: Provide a reference implementation and deployment in the context of the CS-AWARE cybersecurity awareness and collaboration platform
Objective 8: Follow an agile, design-science based approach to project implementation and validation, with end-user involvement in all project phases
This first reporting period of the project comprised the commencement, running of most project Tasks, with only relatively few tasks remaining still yet-to-start. As expected, our work started with collecting and analysing the requirements and needs pertaining to the current approaches to cybersecurity policies of the individual pilot partners as these have been identified and roadmapped in the end user workshops, as well as derived from additional discussions during the consortium meetings.
The acquired results showed that the individual maturity of the pilot partners regarding cybersecurity policies is significantly below the expected level assumed in the planning phase both in terms of available organisational processes, as well as regarding the technological support concerning the policy lifecycle. The developed set of requirements and KPIs was hence adapted from taking the existing processes of the individual pilot partners and defining them as the baseline for further development to ensure a high degree of user acceptance.
The acquired results showed that the individual maturity of the pilot partners regarding cybersecurity policies is significantly below the expected level assumed in the planning phase both in terms of available organisational processes, as well as regarding the technological support concerning the policy lifecycle. The developed set of requirements and KPIs was hence adapted from taking the existing processes of the individual pilot partners and defining them as the baseline for further development to ensure a high degree of user acceptance.
Apart from contributions to methodological and process-related aspects that can have a lasting impact on the matters of dynamic cybersecurity management for organisations and local/regional networks there are certain areas where we believe that the results of the CS-AWARE NEXT project shall be apt for further uptake by industry and possibly form also the base for new products and services.
It is obvious that collaborative activities can be mediated in various ways, and with use of various media such as synchronous, asynchronous, spoken, written, virtual or face-to-face, etc. and exhibit also a variety of timescales, varying from immediate action to long-term strategies.
Our innovation within the CS-AWARE NEXT project that we regard as going beyond the state of the art in the sector relates to the design of tool-based collaborative scenarios, tailored to the needs of collaborative cybersecurity management on the local/regional level. This allows multimodal collaboration on different timescales. This goes beyond the usual loose collaboration e.g. via the ISAC model, and provides a platform for managing the collaborative tasks relating to cybersecurity. This will be realised in the context of the CS-CONNECT collaborative platform.
It is obvious that collaborative activities can be mediated in various ways, and with use of various media such as synchronous, asynchronous, spoken, written, virtual or face-to-face, etc. and exhibit also a variety of timescales, varying from immediate action to long-term strategies.
Our innovation within the CS-AWARE NEXT project that we regard as going beyond the state of the art in the sector relates to the design of tool-based collaborative scenarios, tailored to the needs of collaborative cybersecurity management on the local/regional level. This allows multimodal collaboration on different timescales. This goes beyond the usual loose collaboration e.g. via the ISAC model, and provides a platform for managing the collaborative tasks relating to cybersecurity. This will be realised in the context of the CS-CONNECT collaborative platform.