Natalia I. Kadenko, TU Delft
W developed recommendations for a governance model for the interaction between the ECCC, the NCCs and local cybersecurity communities. We created the concept of CHECKs (Community Hubs of Expertise in Cybersecurity Knowledge) to organise the Community, to address existing challenges, while providing flexibility, accounting for the needs of the local community and creating real added value
Our recommendations were that dedicated funds should be provided, for example, under the Horizon/Digital Europe Programmes, to deepen the cooperation and coordination of such stakeholders, alongside dedicated funds to set up CHECKs in all Member States.
Blueprint Research & Design
Antonio Skarmeta, University of Murcia
CyberSec4Europe research and innovation was focussed on:
- Privacy-preserving IdM, strong AAA and secure & private communications
- Usability aspects of security assets
- Certification frameworks and continuous monitoring
- Automated tools for verification and enforcement of security policies in software
- GDPR compliance for use in SMEs
- Methodology for the individualised evaluation of requirements
- Advanced threat intelligence services for deploying adaptive security solutions
A functional cybersecurity architecture was developed based on research work, considering 75 software assets, 18 of which were integrated with application demonstrator use cases. In addition , we recorded more than 36 papers in workshops, conferences and journals
Evangelos Markatos, FORTH
We produced three extensive annual reports with an analysis of trends and challenges, as well as short-, medium and long-term roadmaps, in the project’s seven application domains:
- Fighting fraud (in Open Banking),
- Supply chain security (and the use of blockchain)
- Privacy-preserving identity management (in Higher Education)
- Incident reporting (in the financial sector)
- Maritime transport
- Medical data exchange
- Smart cities (and the use of personal data)
We participated in the Roadmapping Focus Group with the other pilots and ECSO to produce a set of priorities in cybersecurity and in collaboration with the cybersecurity ATLAS
Alessandro Sforzin, NEC Laboratories Europe GmbH
Featuring the seven application domains (see Roadmapping), we ran two phases over the course of the project reporting the following:
- A requirements analysis of demonstration use cases
- The specification and set-up of the demonstration use cases
- The validation of the demonstration use cases
The use cases integrated where appropriate software assets developed in the project (see Blueprint Research); some of theses application areas will be commercially exploited after the end of the project. Altogether 29 use cases were defined identifying the common research, development, and innovation concepts developed by the project and were integrated in 14 demonstrators over the course of the project.
Jarno Salonen, VTT on behlaf of Silvia Vidor, University of Trento
The main objective was “to define guidelines and tools that support the design of capability building instruments”. The key questions addressed were:
- Which cybersecurity knowledge areas/units/skills can be taught?
- In which areas/units/skills are we educating people?
- How to choose knowledge areas/units/skills for a specific profile?
- How should an education unit be designed and offered?
- How does one assess and evaluate the quality of an education offer?
A survey was performed to verify which skills are considered important in cybersecurity for academia and industry. The conclusions were that there are critical skills that are not currently being taught by cybersecurity programs; and, at the same time, there are critical mismatches between industrial and academic skills – with 7 out of the top 10 skills different between the two fields. We produced a collaborative crowd-sourced database of cybersecurity related education programmes with other pilots and ENISA
Vaclav (Vashek) Matyas, Masaryk University
We. examined and provided open tools for certification and validation, in close relation to education and standardisation. This included a completely open cyber range – portable, lightweight virtual lab environment.
We worked with and mapped existing cyber ranges, industry requirements and provided specifications for implementation, including a sample integration/federation. We examined the role of certification for cybersecurity and its implementations. We created an ‘Open Tools Portal’ with tools for end-users as well as a set of developed open-source tools for professional use
Liina Kamm, Cybernetica AS
There were three main objectives: communicate and liaise with SDOs, map standards to application areas and give a comprehensive overview of different SDOs.
We made the following recommendations:
- ECCC should liaise and work with SDOs.
- Standards should be made freely available to universities or independent cybersecurity researchers.
- EC should support standards development and encourage free access to results.
- ECCC could make regular recommendations as to which standards to pick for financing by the EU.
- Member States could support national SDOs to include more international standards into national standardisation collections.
- Member States could translate standards into national languages to increase uptake
Dissemination, Communication & Exploitation
David Goodman, Trust in Digital Life Association
We managed the project website & social media, weekly news posts/blogs and branding for events, and other purposes. We collected project partner dissemination / communication activities and scientific articles..We also organised events and webinars as well as reported on summer schools involving or organised buy partners
In addition we produced:
- An analysis of SME awareness programmes and recommendations for better outreach based on survey in seven Member States – as well as awareness effectiveness
- Supply chain security recommendations, particularly for SMEs, also based on a narrative of supply chain work across the project
- An exploitation and innovation strategy based on input from all partners
- A series of policy recommendations based on project findings
Mark Miller, CONCEPTIVITY
The objectives were:
- Concertation and clustering with related and concurrent projects for joint learning, information sharing, cooperation, benchmarking and achieving significant impact
- Cooperation with existing cybersecurity ecosystems and communities building upon important experience and capabilities developed over time
- Collaboration with EU bodies and agencies to address the strategic research and innovation agenda elements (cPPP) and to contribute effectively to the work of ENISA, Europol, EU agencies and bodies in relation to cybersecurity
We organised three annual concertation events two of which were branded as CONVERGENCE with recommendations. We reported on partner collaboration with ENISA, DG CNECT, EUROPOL, ECSO and Working Groups, EOS, EDPS, IDSA, IETF, IEEE, AIOTI, IoT Forum as well as standardisation bodies
A CyberSec4Europe Overview
Kai Rannenberg, Goethe University Frankfurt