Skip to main content

SYSTEMIC ANALYZER IN NETWORK THREATS

Periodic Reporting for period 2 - SAINT (SYSTEMIC ANALYZER IN NETWORK THREATS)

Reporting period: 2018-05-01 to 2019-04-30

The H2020 SAINT project examines the problem of failures in cyber security by using a multidisciplinary approach that goes beyond the purely IT technical viewpoint (attached Figure 1). SAINT analyses and identifies incentives to improve levels of collaboration between cooperative and regulatory approaches to information sharing in order to enhance cyber security and mitigate (a) the risk and (b) the impact from a cyber-attack, while providing, at the same time, solid economic evidence on the benefit from such improvement based on solid statistical analysis and economic models.

SAINT collects important information, regarding cyber-threats and relevant vulnerabilities, tangible (assets) and intangible (reputation) risks in order to identify the most relevant indicators and metrics. It analyses these cyber security data metrics with a multidisciplinary methodology, employing analytic frameworks from various scientific disciplines. The project results benefits all relevant stakeholders in the cyber-security domain.

SAINT achieved the following objectives:
• established a complete set of metrics for cyber-security economic analysis, cyber-security and cybercrime market
• developed economic models for the reduction of cyber-crime as a cost-benefit operation
• evaluated the associated benefits and costs of information sharing regarding cyber-attacks
• identified the limits of the minimum needed privacy and security level of internet applications, services and technologies
• identified potential benefits and costs of investing in cyber-security industry as a provider of cyber security services
• provided a set recommendations to all relevant stakeholders to fight cyber-crime through a systemic approach

As a conclusion, by achieving the aforementioned objectives, SAINT improved social, institutional and economic comprehension of cyber security failures, facilitated information dissemination and sharing, and improved decision making, governance and investments by the relevant stakeholders.
SAINT project analysed:
• over 76 cyber security metrics, indicators & open source intelligence methodologies
• over 50 cyber security standards, benchmarking and best practices
• 6 security market & revenue models
• over 60 cyber security solutions and products
• identified 8 cyber security failures and requirements
• created 8 new economic models
• proposed over 10 cyber security oriented recommendations to corresponding stakeholders
• provided over 7 tools for behavioral and social analysis, decision support, risk and cost assessment and information sharing

SAINT accomplished interesting results in 4 directions:
1) Surveys
2) Databases
3) Tools
4) Econometric & Empirical Analysis

Regarding SAINT surveys, the project accomplished:
• improved understanding of information security failures
• more informed and risk-based investment decisions in cyber security
• facilitation of information sharing between cyber security actors

Regarding SAINT databases, the project created:
• a public online searchable indicator database
• a number of confidential databases

Regarding SAINT tools, SAINT created:
• the SAINT Global Security Map
• the Cyber security Social Network Analyzer (CSNA)
• the SAINT Social Network Analyzer (SNA) for Twitter
• the SAINT Clearnet Crawler
• a Bug Bounty Analyzer
• a URL Vulnerability Assessment Tool

Regarding SAINT Econometric and Empirical Analysis, the accomplishments and results are summarized as follows:
• SAINT research demonstrates the potential benefits of co-operation between firms in the areas of exchanging information and participating in mutual co-operative schemes
• Real (deflated) long-run average production cost has a 4% – 7% negative elasticity on the percentage of firms participating in information sharing processes (1st form of cooperation)
• Elasticity of demand for Cloud Internet purchased computer services (2nd form of cooperation) is significantly positive by almost 5% towards the wage rate in the IT sector for specialized IT labor force
• Empirical research yielded a below unity inelastic demand (price elasticity = -0.03) for vulnerability disclosures by the firms. In case of a 10% rise of the price of a bug bounty, there will be a corresponding fall of 3% in the demand of firms for vulnerability disclosures
• Despite increases of bug bounties, firms will still be willing to pay these higher prices of vulnerability disclosures rather than turning to other solutions

The most significant exploitable results of SAINT follow:
• SAINT surveys
• SAINT databases
• SAINT Tools
• SAINT theoretical models about the cost of cyber-crime incidents on organizations’ assets
• SAINT cyber-security metrics

Exploitation will be achieved through one or more start-ups that will be initiated by the SAINT consortium. The start-ups could be either technology-based, for exploiting the tools and databases, or theoretical-based, for exploiting and conducting cyber security surveys and performing econometric and empirical analysis. The first step has been already made as a joint venture has been initiated by CYBE and MNTMG to offer Cyber Threat Intelligence services. The company is called SISSDEN BV (https://sissden.com/).

The dissemination results of SAINT project are quite impressive:
• the project’s website has over 500 hits per month
• 3 leaflets/brochures have been circulated throughout the project
• 11 peer-review publications have been achieved
• 6 press releases have been released
• 2 demonstration videos have been created
• 18 blog texts have been uploaded
• 6 newsletters have been released
• 2 whitepapers have been published
• 2 related workshops have been organized
• over 35 presentations in related events, conferences and workshops
SAINT identifies and develops the foremost and trusted metrics and economic indicators of cyber-security. It also identifies the best practices within the cyber security community and Regulators and performs a comparative analysis of cyber-crime victims by region and country.

Regarding the automated analysis framework, the project uses novel crowd-sourcing based methods for gathering, representing, and processing data from various intelligence feeds.

SAINT performs a multidimensional and multidisciplinary research and stakeholder and ecosystem market analysis. It provides a comprehensive mapping and modelling of cyber-crime ecosystem. It identifies, analyses and specifies each stakeholder category in order to understand and model its actual or potential interactions from an economic perspective. It also analyses the market and revenue models linked to the cyber-crime; it uses the gathered data to analyse, deconstruct and model the economic flows and interactions that serve as incentives and motivate the cyber-crime economy.

The main socio-economic impact of the project is the following:
- Improve societal understanding of information security failures and how they should be addressed
- Improve decision making, governance and investments by stakeholders
- Provide new models (that take into account cyber-security economics, risks, social and market aspects) for improving institutional and private initiatives in their quest for societal resilience to cyber-security risks
- Facilitated information dissemination and sharing for the public and registered users
- Develop a set of recommendations to fight cyber-crime through systemic approach impacting the economic and incentive models of cyber-crime