Democratizing a Cyber Security Toolkit for SMEs & MEs
Helping SMEs and MEs analyse, forecast and manage cyber security and data protection risks.
Making SMEs & MEs more cyber-resilient
The project will use its tools and cyber range demos to train SMEs/MEs to identify their top threats and recognize and address them with greater confidence. Results will be validated by SME/ME in four critical sectors.
Latest News
With the CyberKit4SME project coming to an end, there are a whole number of things that we need to consider. As we’ve improved and integrated different technologies, working with our end-user partners to validate each step of the way, another picture has started to emerge. We’ve been reporting our findings as we’ve gone along in […]
Excited to represent @Inetum at #SecurityCloudWeek organized by @Microsoft! Grateful for the opportunity to showcase our commitment to cybersecurity through the #CyberKit4SME project. Together, we’re building a safer digital future! #TechCollaboration #CyberSecurity
Latest Publications
Abstract: We present a first-of-a-kind end-to-end framework for running privacy risk assessments of AI models that enables assessing models from multiple ML frameworks, using a variety of low-level privacy attacks and metrics. The tool automatically selects which attacks and metrics to run based on answers to questions, runs the attacks, summarizes and visualizes the results in an easy-to-consume manner.
Abstract: We are currently seeing an increase in the use of voice assistants which are used for various purposes. These assistants have a wide range of inbuilt functionalities with the possibility of installing third-party applications. In this work, we will focus on analyzing and identifying vulnerabilities that are introduced by these third-party applications. In particular, we will build third-party applications (called Skills) for Alexa, the voice assistant developed by Amazon. We will analyze existing exploits, identify accessible data and propose an adversarial framework that deceives users into disclosing private information. For this purpose, we developed four different malicious Skills that harvest different pieces of private information from users. We perform a usability analysis on the Skills and feasibility analysis on the publishing pipeline for one of the Skills.
Abstract: Small and medium enterprises (SMEs) make up a significant part of European economies. They are often described as poorly place to deal with cyber risks though because of resource constraints or commercial interests. Providing appropriate tooling would facilitate a greater appreciation of the risks and provide mitigation strategies. In a series of workshops demonstrating visualization tools for cybersecurity, constructs from healthcare models such as awareness, self-efficacy, and a willingness to engage were investigated to throw light on the likelihood that the technologies would be adopted. Although most constructs were validated, it turns out that self-efficacy could more appropriately be interpreted as a desire to understand a broader company narrative rather than empowering any individual to identify and manage cyber risk. As part of an ongoing examination of technology acceptance, this work provides further evidence that technology must be contextualized to make sense for the individual as part of the SME rather than as individual employee.