Periodic Reporting for period 1 - DYNAMO (Dynamic Resilience Assessment Method including combined Business Continuity Management and Cyber Threat Intelligence solution for Critical Sectors)
Reporting period: 2022-10-01 to 2024-03-31
The pillars of today’s technological, organisational, economic and societal progress are under the constant threat of cyber-attacks. The attacks can potentially disrupt the daily operations of organisations, affect societal life or even harm the well-being of citizens. During the last year, the impact of cyber-attacks during the COVID-19 pandemic, the continuous cyber-attacks that are related to the war in Ukraine and the advanced attacks across complete supply chains underline the importance of building resilience mechanisms that are support by the provision of the appropriate information and deterrence mechanisms. A major asset in this, is the use of AI in order to address the amounts of data, the need for quick and effective analysis along with the support in the decision-making process. DYNAMO’s aim is to provide a synergetic approach; combing the concepts of Business continuity management (BCM) and Cyber Threat Intelligence (CTI) in order to increase the situational awareness of users and the resilience of systems across critical sectors. For the purposes of the project, DYNAMO is focusing on the Health, Maritime and Energy sectors. DYNAMO can provide support and assistance during the stages of the resilience cycle. DYNAMO’s objectives reveal the directions of the project and its intentions to address the current issues in an effective manner by providing cutting edge technologies and by adhering to the requirements and regulations of today’s business and governance worlds.
In order to achieve the objectives and to follow the resilience cycle, DYNAMO’s aims to achieve the following:
· Identify critical assets and functions of a critical sector (prepare)
· Consider cyber-risks which are known, but also acknowledge the unknown (prepare, prevent)
· Save sensitive data (prevent, protect)
· Test the response plan to ensure the effectiveness (response)
· Train business stakeholders concerning their responsibilities before an attack with the simulation of a potential attack (prepare) and during an attack (recover)
· Integrate AI-based solutions to accelerate the recovery behaviour (recover)
· Measure the effectiveness (return of investment) of resilience enhancement measures in alignment to the 4 R’s of resilience10 (rapidity, robustness, resourcefulness, redundancy
In order to achieve the objectives and to follow the resilience cycle, DYNAMO’s aims to achieve the following:
· Identify critical assets and functions of a critical sector (prepare)
· Consider cyber-risks which are known, but also acknowledge the unknown (prepare, prevent)
· Save sensitive data (prevent, protect)
· Test the response plan to ensure the effectiveness (response)
· Train business stakeholders concerning their responsibilities before an attack with the simulation of a potential attack (prepare) and during an attack (recover)
· Integrate AI-based solutions to accelerate the recovery behaviour (recover)
· Measure the effectiveness (return of investment) of resilience enhancement measures in alignment to the 4 R’s of resilience10 (rapidity, robustness, resourcefulness, redundancy
So far the project has managed to successfully produce the following achievements:
· Development of Use Cases for the Maritime, Healthcare and Energy Sector
· Creation of User/System Requirements
· Creation of DYNAMO’s Architecture
· Development of tools for the CTI Framework of DYNAMO’s Platform
· Development of tools for the BCM Framework of DYNAMO’s Platform
· Initial steps for the integration of the tools in the DYNAMO Platform
· Early versions of the tools
· Identification of the collaboration between the tools of DYNAMO
· Analysis for the potential information sharing among the users of the DYNAMO Platform
· Analysis of the needs of the end-users for BCM and CTI
· Development of Use Cases for the Maritime, Healthcare and Energy Sector
· Creation of User/System Requirements
· Creation of DYNAMO’s Architecture
· Development of tools for the CTI Framework of DYNAMO’s Platform
· Development of tools for the BCM Framework of DYNAMO’s Platform
· Initial steps for the integration of the tools in the DYNAMO Platform
· Early versions of the tools
· Identification of the collaboration between the tools of DYNAMO
· Analysis for the potential information sharing among the users of the DYNAMO Platform
· Analysis of the needs of the end-users for BCM and CTI
To increase the scientific impact of DYNAMO and disseminate the results to the scientific community, some of the DYNAMO partners have published open access publications (available on the DYNAMO website) and participated in numerous conferences to raise awareness of the project and demonstrate the relevance of the results. Collaborations with other projects within the Horizon Results Booster have also been initiated to create synergies and deliver further scientific impact at a broader level.
DYNAMO will continuously monitor market trends in systematic resilience assessments through CTI and BCM tools, analysing the evolution of research activities in the field, patents and public tenders in the EU and at international level by main procurement organizations. This information will contribute to define appropriate business models for each of the identified exploitable results and to develop a comprehensive After-Project Plan for the Sustainability of the DYNAMO outputs, assessing individual and joint exploitation strategies of project partners and detailing upscaling plans at both use cases and EU level.
Current assessment of impact: Over the last 18 months, DYNAMO has extensively worked towards the development of methods and components that meaningfully combine BCM and CTI, implementing and testing them in a large-scale, multi-level systemic platform that addresses the five phases of the resilience cycle. The Key Exploitable Results (KERS) identified as part of Task 7.4 are envisioned to trigger increased situational awareness against disruptions within a critical sector (via use-cases in the health, maritime and energy sector), the aim of which is to provide impact that lasts beyond the immediate scope and duration of the project. The overall project impacts DYNAMO has set out to achieve are as follows:
• Improvements to the EU’s cybersecurity capacities and technological sovereignty advancing Europe’s ability to act independently in the digital age.
• Strengthening digital infrastructures, systems and processes and improving resilience.
• Development of a disruptive solution, which improves cybersecurity in critical infrastructure settings.
• A roadmap towards a new standardisation framework to stimulate cybersecurity upgrading in public and private businesses.
• Increased public awareness of cyber threats and the importance of cyber security within business communities and society at large.
The development of the DYNAMO platform enables the resilience assessment of the critical sector by combining the disciplines of BCM and CTI. The combination of CTI processing with the BCM approaches will enhance situational awareness and recovery planning capabilities of Businesses/Critical Infrastructures. Within the BCM approach, DYNAMO plans to incorporate and build on existing tools and approaches to create an advanced situational awareness toolset, knowledge repository and training tools. It is essential that by integrating the BCM-CTI approach, DYNAMO targets all professionals in charge of keeping critical functions of the organisations running during a cyber-attack, not only cyber practitioners. The involvement of software engineering companies as part of the DYNAMO Consortium ensures the relevance of its results from a technical point of view, whereas the involvement of the Stakeholder Reference Group helps validate the results and guarantee their market uptake after the end of the project. The insight and expertise brought by these organisations will allow for concrete exploitation strategies to be devised by using pre-existing networks and distribution channels.
DYNAMO will continuously monitor market trends in systematic resilience assessments through CTI and BCM tools, analysing the evolution of research activities in the field, patents and public tenders in the EU and at international level by main procurement organizations. This information will contribute to define appropriate business models for each of the identified exploitable results and to develop a comprehensive After-Project Plan for the Sustainability of the DYNAMO outputs, assessing individual and joint exploitation strategies of project partners and detailing upscaling plans at both use cases and EU level.
Current assessment of impact: Over the last 18 months, DYNAMO has extensively worked towards the development of methods and components that meaningfully combine BCM and CTI, implementing and testing them in a large-scale, multi-level systemic platform that addresses the five phases of the resilience cycle. The Key Exploitable Results (KERS) identified as part of Task 7.4 are envisioned to trigger increased situational awareness against disruptions within a critical sector (via use-cases in the health, maritime and energy sector), the aim of which is to provide impact that lasts beyond the immediate scope and duration of the project. The overall project impacts DYNAMO has set out to achieve are as follows:
• Improvements to the EU’s cybersecurity capacities and technological sovereignty advancing Europe’s ability to act independently in the digital age.
• Strengthening digital infrastructures, systems and processes and improving resilience.
• Development of a disruptive solution, which improves cybersecurity in critical infrastructure settings.
• A roadmap towards a new standardisation framework to stimulate cybersecurity upgrading in public and private businesses.
• Increased public awareness of cyber threats and the importance of cyber security within business communities and society at large.
The development of the DYNAMO platform enables the resilience assessment of the critical sector by combining the disciplines of BCM and CTI. The combination of CTI processing with the BCM approaches will enhance situational awareness and recovery planning capabilities of Businesses/Critical Infrastructures. Within the BCM approach, DYNAMO plans to incorporate and build on existing tools and approaches to create an advanced situational awareness toolset, knowledge repository and training tools. It is essential that by integrating the BCM-CTI approach, DYNAMO targets all professionals in charge of keeping critical functions of the organisations running during a cyber-attack, not only cyber practitioners. The involvement of software engineering companies as part of the DYNAMO Consortium ensures the relevance of its results from a technical point of view, whereas the involvement of the Stakeholder Reference Group helps validate the results and guarantee their market uptake after the end of the project. The insight and expertise brought by these organisations will allow for concrete exploitation strategies to be devised by using pre-existing networks and distribution channels.