Periodic Reporting for period 2 - NeCS (European Network for Cyber-security)
Berichtszeitraum: 2017-09-01 bis 2019-08-31
The European Network for Cyber Security (NeCS) directly addresses the training and development of a European talent pool to help implement and support the European Cybersecurity strategy as highlighted in the EC’s Digital Agenda.
As cyber-security is inherently multi-sectorial, the NeCS participants (beneficiaries and partners), by design, span both the academic sector and the non-academic one. The NeCS network comprehensively collects and links multi-disciplinary expertise in the cyber-security area, ranging from social science and legal expertise for ICT to security metrics and risk assessment and mitigation techniques, to cyber-security technology, systems and operations, considering also information sharing aspects and regulatory compliance of information processing procedures. Further to the above, NeCS offers to trainees personalised research and innovation training plans that uniquely combine cutting edge science with exposure to real-life systems, data and case-studies together with specialized training in complementary soft skills with a strong emphasis on research exploitation, entrepreneurial and communication competence. This further enhances the competences of the 15 ESRs, in a rapidly growing and highly demanding job market for cyber-security that spans across industry, research/academia, regulatory bodies, and beyond.
In addition to the training capabilities developed within this network, NeCS will become a very significant asset for the European Research Area (ERA) enabling it to address the cyber-security challenges that are gaining continuous attention at all levels of European society.
NeCS’s explicit objective is to train the next generation of researchers and practitioners who will be able to meet the demand for careers in Cyber-Security and further Europe’s research excellence in the area. To achieve this, trainee researchers will have to develop skills and expertise that build on a fusion of aspects from IT and network security technologies, risk management, information assurance, international law and political sciences and social sciences. Particular emphasis will be placed on bidirectional transfer of knowledge between academic and commercial organisations and on coupling foundational research with practical “hands-on” technology experience and advanced prototyping. According to the initial findings of the European platform on “Network and Information Security (NIS)” there are at least three key areas that should be covered for cyber-security. They are risk management, information sharing and eventually cyber-security operations management.
As cyber-security is inherently multi-sectorial, the NeCS participants (beneficiaries and partners), by design, span both the academic sector and the non-academic one. The NeCS network comprehensively collects and links multi-disciplinary expertise in the cyber-security area, ranging from social science and legal expertise for ICT to security metrics and risk assessment and mitigation techniques, to cyber-security technology, systems and operations, considering also information sharing aspects and regulatory compliance of information processing procedures. Further to the above, NeCS offers to trainees personalised research and innovation training plans that uniquely combine cutting edge science with exposure to real-life systems, data and case-studies together with specialized training in complementary soft skills with a strong emphasis on research exploitation, entrepreneurial and communication competence. This further enhances the competences of the 15 ESRs, in a rapidly growing and highly demanding job market for cyber-security that spans across industry, research/academia, regulatory bodies, and beyond.
In addition to the training capabilities developed within this network, NeCS will become a very significant asset for the European Research Area (ERA) enabling it to address the cyber-security challenges that are gaining continuous attention at all levels of European society.
NeCS’s explicit objective is to train the next generation of researchers and practitioners who will be able to meet the demand for careers in Cyber-Security and further Europe’s research excellence in the area. To achieve this, trainee researchers will have to develop skills and expertise that build on a fusion of aspects from IT and network security technologies, risk management, information assurance, international law and political sciences and social sciences. Particular emphasis will be placed on bidirectional transfer of knowledge between academic and commercial organisations and on coupling foundational research with practical “hands-on” technology experience and advanced prototyping. According to the initial findings of the European platform on “Network and Information Security (NIS)” there are at least three key areas that should be covered for cyber-security. They are risk management, information sharing and eventually cyber-security operations management.
• 14 ESRs have been recruited and grown up in a vibrant scientific environment in premises of the beneficiaries in order to develop their skills as researchers; Most of them have at the end of the NeCS project research and innovation positions in NeCS beneficiaries/partners.
• 18 network-wide courses have been delivered on the specific core topics of the project as well as on broader organisational topics.
• 9 Summer/winter schools were organised by NeCS. The new NeCS winter school series will become an event of the new 4 Pilots of Competence Network in Cybersecurity showing legacy.
• More than 40 webinars organized by ESRs (those were not initially planned in the DoA).
• 6 scientific conferences were organized and supported by NeCS, such as the QASA workshop series and the 32nd IFIP SEC 2017 conference in Rome.
• More than 25 secondments were successfully performed.
• 54 scientific publications were co-authored by ESRs.
• Contributions of the NeCS partners continued the community building effort of NIS platform and cPPP ECS partnership (with several partners in key roles, including ATOSIT chairman of the Board and CNR vice chairman of the Board, UMA and BT co-chairs of WGs). Several NeCS Partners are part of the European Competence Network Pilots launched in 2018.
o Ideally, the concept of NeCS as network in Cyber Security was right, the commission scaled up to 4 large pilots of 16ME each (in 2019).
• NeCS has been highlighted within the companies of the industrial partners, as a route to bring in leading edge innovations and build workforce skills and a talent pool in cyber-security.
• 18 network-wide courses have been delivered on the specific core topics of the project as well as on broader organisational topics.
• 9 Summer/winter schools were organised by NeCS. The new NeCS winter school series will become an event of the new 4 Pilots of Competence Network in Cybersecurity showing legacy.
• More than 40 webinars organized by ESRs (those were not initially planned in the DoA).
• 6 scientific conferences were organized and supported by NeCS, such as the QASA workshop series and the 32nd IFIP SEC 2017 conference in Rome.
• More than 25 secondments were successfully performed.
• 54 scientific publications were co-authored by ESRs.
• Contributions of the NeCS partners continued the community building effort of NIS platform and cPPP ECS partnership (with several partners in key roles, including ATOSIT chairman of the Board and CNR vice chairman of the Board, UMA and BT co-chairs of WGs). Several NeCS Partners are part of the European Competence Network Pilots launched in 2018.
o Ideally, the concept of NeCS as network in Cyber Security was right, the commission scaled up to 4 large pilots of 16ME each (in 2019).
• NeCS has been highlighted within the companies of the industrial partners, as a route to bring in leading edge innovations and build workforce skills and a talent pool in cyber-security.
A direct contribution of the network is the creation of a new generation of researchers with expertise in cyber-security operations management that will be fruitfully and rapidly employed in industry, research/academia, regulatory bodies, etc. or could set up their own entrepreneurial activities. The impacts of the network activities can be summarised at several levels:
● At the societal level, we are creating a new wave of experts in cyber-security research and innovation that will help to solve and successfully tackle the menaces posed by new threats. This will contribute to reducing the impact of cyber-attacks on society, improving trust in the cyber world, easing the adoption of new technologies and regulations and increasing their impact.
● At the research level, the performed activities will produce several direct and indirect results, contributing to the creation and dissemination of new knowledge and expertise across several disciplines as well as boosting new technology development.
● At the training level, the number of trainees in the relevant network-wide events will be high (and not just limited to ESRs). We see the training and research infrastructures as a way for us to increase the number of human resources trained and created at European level. As mentioned, there will be in the future a significant need of cyber-security training capabilities and it will be an asset to be exploited by the NeCS research teams involved. The training material and events developed will provide a seed that many other researchers in Europe can use.
● At an innovation level, we are setting up specific courses that enable the direct or indirect uptake of cyber-security solutions and products. This can be as a result either of a transfer of knowledge of the Network through its main companies or by direct action of one of the trainees.
● At the societal level, we are creating a new wave of experts in cyber-security research and innovation that will help to solve and successfully tackle the menaces posed by new threats. This will contribute to reducing the impact of cyber-attacks on society, improving trust in the cyber world, easing the adoption of new technologies and regulations and increasing their impact.
● At the research level, the performed activities will produce several direct and indirect results, contributing to the creation and dissemination of new knowledge and expertise across several disciplines as well as boosting new technology development.
● At the training level, the number of trainees in the relevant network-wide events will be high (and not just limited to ESRs). We see the training and research infrastructures as a way for us to increase the number of human resources trained and created at European level. As mentioned, there will be in the future a significant need of cyber-security training capabilities and it will be an asset to be exploited by the NeCS research teams involved. The training material and events developed will provide a seed that many other researchers in Europe can use.
● At an innovation level, we are setting up specific courses that enable the direct or indirect uptake of cyber-security solutions and products. This can be as a result either of a transfer of knowledge of the Network through its main companies or by direct action of one of the trainees.