European Commission logo
English English
CORDIS - EU research results

Democratizing a Cyber Security Toolkit for SMEs and MEs

Project description

Making SMEs more cyber-resilient

The EU is committed to boosting innovation in the cybersecurity, privacy and data protection sectors. The aim is to make Europe more cyberproof by strengthening deterrence, resilience and response to cyberthreats. An important step is helping to secure SMEs that are increasingly relying on networks and information systems for their business. The EU-funded CyberKit4SME project will develop tools to enable small businesses to become more aware of the risks so as to monitor, forecast and manage them. Specifically, it will design affordable and easy-to-use encryption and isolation tools to protect data. Blockchain tools will also be advanced to enable SMEs to share intelligence and incident reports with computer emergency response teams.


CyberKit4SME aims to democratize a kit of cyber security tools and methods enabling SMEs/MEs to: Increase awareness of cybersecurity risks, vulnerabilities and attacks; Monitor and forecast risks; Manage risks using organisational, human and technical security measures with greater confidence; and Collaborate and share information in a collective security and data protection effort.
Tools developed in the project are: Semi-automated ISO 27005 threat identification and risk mitigation analysis, using a knowledge base of technical and human/organisational risk factors; Encryption and isolation tools to protect data being stored, processed or exchanged; Security information and event management, using multiple data sources for threat detection and diagnosis, Blockchain tools for SMEs/MEs to share intelligence and incident reports with supply chain partners and with CERTs.
CyberKit4SME will make its tools cheaper and more usable by SME/ME, by 1) Exploiting synergies between tools in the kit to simplify the use of each; 2) Sharing information to increase the data available for threat detection and diagnosis at each SME/ME; 3) Embedding intelligence (e.g. machine reasoning and data analytics), to fill gaps in inputs and automate tasks such as risk analysis and security configuration.
The project will also use its tools and cyber range demos to train SMEs/MEs to identify their top threats and recognise and address them with greater confidence. Results will be validated by SME/ME in four critical sectors: Finance, Health Care, Energy and Transport. Outcomes include reducing the time/cost of cyber security awareness and protection, simplifying meeting and demonstrating compliance with NIS Directive and GDPR, protecting distributed assets from cloud services to edge devices, and engaging in secure supply chains with larger organisations. The project will also collaborate with related research projects and disseminate widely in the scientific community and in SME networks.

Call for proposal


See other projects for this call

Sub call



Net EU contribution
€ 347 325,30
93400 Saint Ouen Sur Seine

See on map

Ile-de-France Ile-de-France Seine-Saint-Denis
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
Total cost
€ 606 932,06

Participants (15)