In other words, activities that most of us would not wish to be knowingly associated with. In sharp contrast, ‘an exploit’ is defined as a heroic deed or feat as well as a brilliant or daring achievement, which is much more promising as aspirations go. Somewhere between the two, we have a further, final, a propos definition which is to make the best use of.

It is in this sense that all 43 CyberSec4Europe partners are requested to identify how they intend to exploit, both individually and collectively, the results of their work or relating to assets developed or enhanced during the course of the project. This is a common requirement of all EU-funded projects, as it demonstrates to the Commission and other policy makers – as well as European taxpayers – the potential return on investment from the project in terms of the EU’s strategic initiatives, which in the case of CyberSec4Europe is to strengthen the safety and security of European society.

Having said that, the series of three Exploitation Strategy reports, the first of which was published recently, are different from those of other H2020 projects, as CyberSec4Europe is expected to test and validate the procedures and operational setup for the better exploitation of cybersecurity research, which will later serve the Cybersecurity Competence Network and Centre. From an exploitation perspective, this presents a significant challenge in that CyberSec4Europe is a large-scale pilot exercise consisting of a wide-range of mini-projects that are held together through collaboration and a common cause and are equally diverse in terms of results.

The other challenge is that CyberSec4Europe comprises organisations, large and small from software vendors to corporate businesses, universities and research institutes, SMEs, legal and consultancy firms, and not for profit organisations, all of whom are expected to develop their own clear ideas on how to exploit their achievements and to contribute to their own exploitation goals, enabling implementation of the project results through various disciplines and stakeholder types.

To assist with achieving a degree of uniformity in their responses, given this diversity, partners are offered a pre-defined set of headings to describe their plans and to maintain independently throughout the course of the project. The outcomes not surprisingly reflect the activities of the different types of organisations in the project, although it was also apparent that many organisations have not yet fully considered how or in what way they may leverage their participation in CyberSec4Europe. It is realistic to expect many if not all partners to be more focused at the time of the next set of reports.

The joint collaboration was split between the five of the project segments:

• Governance, design and pilot
• From research and innovation to industry
• Education, training
• Standardisation
• Communication and community building

In each of these sectors, we were able to point to outstanding achievements involving groups of partners working together.

We also identified the sustainability strategy of the CyberSec4Europe framework in the context of building a network of competence centres in Europe beyond the completion of the project, in collaboration with the other three pilots and ECSO, the European Commission and the Competence Centre in Bucharest. For this we asserted that each of the pilot projects comprise three distinct sets of activities:

• Governance
• Technical Activities
• Communications

Consequently, we split the project’s sustainability strategy along these lines into three types of output, each of which are instruments used during the course of the project in order to achieve the sustainability of the project beyond its completion:

• Strategic input – management and governance design contributions
• Technical collaboration – participation in four focus groups
• Communications and Networking – participation in a joint communication group as well as hosting two concertation events

We also referenced innovation in the project, whether they be innovative products, solutions or services being developed during the course of the project, either from pre-existing assets introduced by consortium partners or developed from scratch. It was to be expected and was evidenced that the demonstration use cases were the most likely – but not the only – candidates for generating innovation assets that could be successfully exploited, commercially or otherwise, after the end of the project.

At this stage, there are no patents pending as a result of CyberSec4Europe activities, although it is clear that discussions are ongoing between several partners about commercialisation rights on assets developed during the project. We would expect to report more in this regard in future iterations of this report.

In conclusion, we acknowledge that this first report is going to be a living document over the rest of the project and to provide indicators of proposed next steps over the coming twelve months. In a later report in this series, we will ask all partners to compare their organisation’s initial expectations of how they would eventually benefit from participation in CyberSec4Europe with how their very advanced exploitation plans have (or have not) met those expectations. The insights gained from this exercise could inform how future collaborative activities are constructed.

Overall, the reflections on what we’ve achieved to date and what lies ahead demonstrates that, with confidence, we can be heroes, if not for ever and ever, certainly for more than one day.

 

David Goodman

Trust in Digital Life