Protecting SMEs from Cyberattacks: Elektrobit’s Evaluation of the CyberKit4SME Toolkit

22nd May, 2023

Author CyberKit4SME

The CyberKit4SME Toolkit

The CyberKit4SME toolkit consists of five tools designed to work together to provide comprehensive protection against cyberattacks. The main focus is to adapt the tools and models to be accessible by SMEs & MEs without the need for scarce and expensive specialist cyber security expertise. These tools are:

  1. Keenaï:  is a tool that allows monitoring, through a single entry point, the whole security of the Information System. The solution is part of the SIEM’s category (Security Information and Event Management).  
  2. Human and Organizational Risk Models (HORM): is a tool used to model and visualize human behavior and work processes in terms of user journeys, i.e., it is centered around human activities and interactions throughout a process. A HORM model shows the actor’s steps (in terms of actions and communications) throughout the process. The models are used to illustrate hypothetical or real situations, for example, best practices, but can also represent previous cyber attacks or situations to avoid.
  3. Secure Data Services (SDS): is a tool that enables the storage of data and consumes data in a secure and safe manner protecting data across its lifecycle as it is stored, accessed, and used. This includes facilities to govern data access and validation across the whole data lifecycle.
  4. System Security Modeller (SSM):  is a risk assessment tool for socio-economic systems. It combines a drag-and-drop graphical interface for drawing system models with an innovative machine-reasoning engine and a detailed domain knowledgebase of threats and countermeasures to create a comprehensive view of the risks to a system and how to mitigate them.  The SSM automates much of the risk assessment procedure described in ISO 27005 and thereby supports ISO 27001 compliance. Through automation, a risk assessment is made methodical and reproducible and a security analyst may do a better job in less time. 
  5. The Service Ledger (SL): is a blockchain-as-a-service platform that offers programmable blockchain-enabled services that apply in several application scenarios.

Figure 1. CyberKit4SME Overall Concept

Elektrobit’s Assessment Process

Elektrobit used its AI Tooling product to evaluate the CyberKit4SME tools for the transport sector. The assessment process involved the following steps:

  • Setting evaluation criteria and metrics: Elektrobit developed criteria and metrics to evaluate each tool’s effectiveness, ease of use, and compatibility with the transport sector’s specific needs.
  • Testing and evaluation: Elektrobit tested the tools in real-world scenarios to evaluate their performance and identify any weaknesses or areas for improvement.
  • Reporting and feedback: Elektrobit provided feedback to the CyberKit4SME project team, including recommendations for improving the tools.

Results of the Assessment

Elektrobit’s assessment found that the CyberKit4SME toolkit is effective in helping SMEs protect themselves against cyberattacks. The SSM Tool was found to be particularly useful for identifying vulnerabilities in the transport sector’s systems and networks. The HORM tool was also helpful in promoting good cybersecurity practices among SMEs’ employees. The Keenai Tool provided valuable real-time information about the latest threats, while the SL Tool guided SMEs through the process of responding to a cyberattack. The Training and Awareness material was helpful in educating employees about cybersecurity best practices.

Final words

Elektrobit’s assessment of the CyberKit4SME toolkit demonstrates its effectiveness in helping SMEs protect themselves against cyberattacks. SMEs in the transport sector, in particular, can benefit from the toolkit’s vulnerability assessment and cyber hygiene Tools. The CyberKit4SME project provides SMEs with a valuable resource to protect their businesses from cyber threats. We encourage SMEs to learn more about the toolkit and consider using it to safeguard their businesses.