Periodic Reporting for period 2 - YAKSHA (Cybersecurity Awareness and Knowledge Systemic High-level Application) Reporting period: 2019-07-01 to 2020-12-31 Summary of the context and overall objectives of the project YAKSHA emerged from the recognition that information is an enabling factor for developing economies and society. However, countries from ASEAN, particularly those classified as low and middle income countries, have long been subject to several cybersecurity issues and are exposed to specific risks. While progress has been made in Southeast Asia in the adoption of ICT solutions to combat cybersecurity threats, there is also an opportunity to leverage existing know-how and establish partnerships to develop new and tailored cybersecurity solutions.With this in mind, the overarching objective of YAKSHA was to reinforce EU-ASEAN cooperation and the building of partnerships in the cybersecurity domain by developing a solution tailored to specific user and national needs, supported and leveraging EU know-how and local expertise. YAKSHA developed and introduced the innovative concept of honeypots-as-a-service, which greatly enhanced the process of gathering threat intelligence. It enhanced cybersecurity readiness levels for end users, helped prevent cyber-attacks, mitigate cyber risks and better govern the whole cybersecurity process.The YAKSHA software solution has been developed and validated in real-world pilot projects in Europe and Southeast Asia (Greece, Vietnam and Malaysia). Based on the solution, a business plan has been prepared and is being implemented for the transition of the solution and its complementary services to TRL9, including the ASEAN partners. The developed solution is thus now on the road to being exploited commercially.Overall, YAKSHA contributed to enhancing cybersecurity skills in Europe and creating new positions for cybersecurity specialists in ASEAN. The consortium believes that it has created a positive impact on the competitiveness of European security industry and its long-term impact through the YAKSHA platform business deployment that will occur in 2021 and 2022. Work performed from the beginning of the project to the end of the period covered by the report and main results achieved so far YAKSHA carried out an extensive review of the cybersecurity context and status in the EU and ASEAN. Complementarily, the project organised three co-creation workshops in Southeast Asia (i.e. Malaysia, Vietnam and Thailand) in order to develop a common vision and roadmap for these countries’ cybersecurity ecosystems. The workshops were attended by 75 participants from these countries.From a technological and development perspective, the project also carried out various activities. Specifically, the project defined the methodology to collect data. The methodology establishes a baseline of activities that help determine what data YAKSHA has to collect, what methods and tools to adopt for data collection, and what reference architecture design is suitable for data collection, management and processing. In parallel, the project also defined the ontology to be used to store the information from the honeypots, and standards to be used to ensure interoperability. Lastly, the project has focused on researching new methods for malware detection and collection, as well as to measure impact. At the technological level, the project developed the YAKSHA software technology, which has resulted in the following versions: Prototype, Beta Version, Release Candidate and Final Version. In parallel, a database was developed that is used to store the information collected by the honeypots, based on the already defined ontology. Furthermore, a data analytics correlation engine has been developed, which analyses dynamic/behavioural aspects of malware, correlates similarity of behaviour of malware samples, among others. Lastly, the project has developed the testbed for the trials of the first prototype and of the final version. With the YAKSHA solution developed, the project also provided three pilots with different use cases: Greece, Malaysia and Vietnam. Pilot deployment began at the beginning of M18 and was completed in M36. The conclusions from the pilots’ evaluation also reinforces the significance of YAKSHA.The success of the project was dependent on an effective dissemination and communication of the project, which has been carried out since the beginning of the project. 103 Ambassadors have been recruited covering various SEA countries. During the project period, several events and workshops were organized. Co-creation workshops to understand the potential business scenarios developed in Malaysia, Thailand and Vietnam. Two end-user events – the first was held in Putrajaya, Kuala Lumpur on the 27-28th of November 2019; and the second took place on the 9th of December 2020 in the form of a 4-hour long online webinar held through Zoom webinar platform. Furthermore, the project participated in 34 external (non-project) events overall.An exploitation plan has been developed that details the actions to be implemented after the end of the project. In particular, a EU-based start-up joint venture will be established by partners MOT and StAG, in close collaboration with UPRC. This start-up will offer a range of products and services based on the exploitable assets these three partners developed during the project. The YAKSHA platform will be the core of the offer range and will be offered to end users as a cloud-based service or as a on premise installation. The launch of YAKSHA on the ASEAN market is foreseen for the last quarter of 2021 and on the European market at the beginning of 2022. Close relationships and formal agreements with the ASEAN partners CSM, ACIOA and NSTDA are being established in order to support the adoption of YAKSHA in the region and enjoy mutual technology and knowledge exchanges. Progress beyond the state of the art and expected potential impact (including the socio-economic impact and the wider societal implications of the project so far) All project results have been achieved and the YAKSHA system integration and delivery is finalized. The results received from the pilots provide inputs towards the development and fine-tuning of the software, as well as the exploitation strategy to be implemented in 2021 and 2022, thus contributing to a solution that responds to a wider range of end users’ needs. This aspect contributes to the sustainability of the project and the platform, having a strong social and economic impact implications in Europe and ASEAN.Furthermore, YAKSHA reached the target value of 100 Ambassadors from different Southeast Asian countries. The YAKSHA Ambassadors are potential end-users and re-sellers of the YAKSHA solution. The involvement of more than 100 Ambassadors in the project is crucial for the exploitation phase of the YAKSHA software. In addition to these key results, YAKSHA continued to develop research on novel methods in malware detection and collection (as part of the pilot evaluation), as well as impact assessment, thereby contributing to advances in the current state of the art in these two areas. With regard to impact, the efforts in raising awareness and disseminating YAKSHA have already proved successful. External stakeholders/ organisations have already shown interest in testing the YAKSHA software on their own premises. In addition, outreach tools have been fully utilised, ranging from flyers and physical promotion events and booths to social media channels. It is also relevant to note that international cooperation between both partners in EU and low- and middle-income countries in the ASEAN has been reinforced by the different end-user events, co-creation workshops, consortium calls, and technical review meetings held. YAKSHA also focused on reinforcing strategic partnerships, in particular with ASEAN countries.