Democratizing a Cyber Security Toolkit for SMEs & MEs

Helping SMEs and MEs analyse, forecast and manage cyber security and data protection risks.

Making SMEs & MEs more cyber-resilient

The project will use its tools and cyber range demos to train SMEs/MEs to identify their top threats and recognize and address them with greater confidence. Results will be validated by SME/ME in four critical sectors.

Latest News

Information Sharing: public-private

CERT Sogei, involved in our project, was present today at the webinar on “Public-Private Information Sharing” organized by the CYBER 4.0 – Cybersecurity Competence Center Competence Center, in collaboration with the Agenzia per la Cybersicurezza Nazionale. It was a very stimulating moment of confrontation in which we participated with the intervention of Sogei’s Project Manager for CyberKit4SME […]

Screenshot of D6.5 PDF file
Deliverable D6.5 Now Available

Deliverable D6.5 – Cyber range training course is now available to read on CyberKit4SME’s website; Click here to read D6.5 – Cyber range training course content Below is an excerpt of the deliverable: The main goal of this deliverable is to define a series of exercises and training experiences depicting the importance and value of […]

First release of Service Ledger tool for sharing Cyber Threat Intelligence

Within the CyberKit4SME project, one of the objectives for SMEs and MEs is to enhance their cyber situational awareness by monitoring their systems and collecting indicators about potential cyber-attacks from external malicious actors. This goes under the name of Cyber Threat Intelligence (CTI), namely the art of detecting which system asset has been compromised and […]

Latest Publications

Private Data Harvesting on Alexa using Third-Party Skills

Abstract: We are currently seeing an increase in the use of voice assistants which are used for various purposes. These assistants have a wide range of inbuilt functionalities with the possibility of installing third-party applications. In this work, we will focus on analyzing and identifying vulnerabilities that are introduced by these third-party applications. In particular, we will build third-party applications (called Skills) for Alexa, the voice assistant developed by Amazon. We will analyze existing exploits, identify accessible data and propose an adversarial framework that deceives users into disclosing private information. For this purpose, we developed four different malicious Skills that harvest different pieces of private information from users. We perform a usability analysis on the Skills and feasibility analysis on the publishing pipeline for one of the Skills.

It’s Not My Problem: How Healthcare Models relate to SME Cybersecurity Awareness snippet
It’s Not My Problem: How Healthcare Models relate to SME Cybersecurity Awareness

Abstract: Small and medium enterprises (SMEs) make up a significant part of European economies. They are often described as poorly place to deal with cyber risks though because of resource constraints or commercial interests. Providing appropriate tooling would facilitate a greater appreciation of the risks and provide mitigation strategies. In a series of workshops demonstrating visualization tools for cybersecurity, constructs from healthcare models such as awareness, self-efficacy, and a willingness to engage were investigated to throw light on the likelihood that the technologies would be adopted. Although most constructs were validated, it turns out that self-efficacy could more appropriately be interpreted as a desire to understand a broader company narrative rather than empowering any individual to identify and manage cyber risk. As part of an ongoing examination of technology acceptance, this work provides further evidence that technology must be contextualized to make sense for the individual as part of the SME rather than as individual employee.

Color map of what the robot sees
Embedded Vision for Self-Driving on Forest Roads

Abstract: Forest roads in Romania are unique natural wildlife sites used for recreation by countless tourists. In order to protect and maintain these roads, we propose RovisLab AMTU (Autonomous Mobile Test Unit), which is a robotic system designed to autonomously navigate off-road terrain and inspect if any deforestation or damage occurred along tracked route. AMTU's core component is its embedded vision module, optimized for real-time environment perception. For achieving a high computation speed, we use a learning system to train a multi-task Deep Neural Network (DNN) for scene and instance segmentation of objects, while the keypoints required for simultaneous localization and mapping are calculated using a handcrafted FAST feature detector and the Lucas-Kanade tracking algorithm. Both the DNN and the handcrafted backbone are run in parallel on the GPU of an NVIDIA AGX Xavier board. We show experimental results on the test track of our research facility.