Project Vison and Objectives
The overall aim of CyberKit4SME is to democratize advanced cyber security methods for SMEs and MEs, in order to:
- Enable SMEs and MEs to monitor and forecast cybersecurity risks by equipping them with advanced, but low-cost and easy-to-use tools that will allow them to both assess the cybersecurity risks of their business’s IT infrastructure at design-time (following an asset-based risk assessment approach aligned with ISO 27005) and to monitor and update risk level assessments in real-time to detect potential threats without frequent recourse to expensive cybersecurity experts including consultants.
- Raise SMEs and MEs’ awareness of cybersecurity risks, vulnerabilities and attacks through training in the use of these tools, and by analysing organisational and human factors that affect risk levels in their business; making educational material available for their employees to promote safe behaviour; facilitating their participation to cyber ranges as part of the training experience, and fostering a resilient community of SMEs and MEs by promoting information exchange with CERT/CSIRTs and other SMEs and MEs on cybersecurity incidents.
- Support SMEs and MEs to manage their security, privacy and personal data protection risks by providing a wide-ranging set of tools that will allow them to implement risk mitigation measures based on a sophisticated risk analyses for their information networks, including end-to-end data protection using advanced encryption techniques to ensure confidentiality and integrity for data stored, transferred and processed onsite or in the cloud, and SIEM technology to help them prevent, detect and recover from cyber-attacks.
- Equip SMEs and MEs with an online collaborative, security information sharing and incident reporting system by providing a blockchain platform through which SMEs and MEs will be able to securely share cybersecurity information in supply chains and with CERTS to improve risk monitoring and facilitate preparedness and responses to cyber-attacks, engage in a collective response to cyber security risks, and implement mandatory cybersecurity incident reporting.
The CyberKit4SME project aims to demonstrate these tools working in an operational environment based on SME partners’ existing product and service testing environments, and with users fulfilling their normal business roles. It will also take the necessary actions to ensure the tools provided will be commercially sustainable and can be made available to a wide range of SMEs and MEs following the project.
Obj. #1 Develop tools allowing SMEs and MEs to analyse their information networks and identify and assess security risks, without frequent recourse to expensive consultants.
Result: a set of tools and templates allowing SMEs and MEs to create high-level models of their information assets and networks, identify threats and assess associated risk levels, and obtain guidance on the security measures that could be used to mitigate these risks. The tools will cover both technical and human/organisational risk factors and mitigation measures. They will be understandable by non-specialist staff working for SME and ME.
Impact: SMEs and MEs will have greater awareness of cyber security threats, and of the relative risk levels and importance of different threats. They will be better able to decide what technical and non-technical security measures they should use, making them better protected. They will also be better able to demonstrate that those measures are appropriate to the risks faced, making it easier to comply with regulations.
Obj. #2 Develop tools allowing SMEs and MEs to protect information when it is stored, transferred or processed including outside their own networks.
Result: a set of tools to protect data confidentiality, integrity and availability throughout its lifecycle, using advanced encryption techniques for management and storage of data and backups including in the cloud. The tools will be optimised for use by SMEs and MEs, making it easy for them to secure their applications, and easy to recover from common attacks against such businesses (e.g. ransomware attacks), while minimizing false alarms that would overwhelm any small business.
Impact: SMEs and MEs will be able to deploy enhanced protection against confidentiality and integrity breaches, and therefore significantly reduce economic damage from harmful cyber attacks including personal data protection breaches
Obj. #3 Develop tools allowing SMEs and MEs to monitor their security, forecast risks and anticipate the need for technical or organisational protection measures.
Result: a set of tools allowing SMEs and MEs to use advanced security monitoring and risk analysis models (see Obj #1) to monitor and forecast cyber security risk levels, and hence initiate appropriate countermeasures. The focus will be on making sophisticated SIEM technology more accessible to SMEs and MEs (in terms of cost, time and skills needed), and using shared security intelligence (see Obj #4) to provide more accurate forecasts of possible incidents.
Impact: SMEs and MEs will be able to strengthen security, privacy and data protection by having advanced warnings on the need for improvements.
Obj. #4 Develop tools allowing SMEs and MEs to share security information in a secure and privacy-aware manner, with CERT/CSIRT and within sectoral supply chains.
Result: a framework for security information sharing based on block chain technology, allowing information to be shared with CERT/CSIRT and with supply chain partners in a secure and privacy respecting fashion, and supporting mandatory incident reporting requirements in critical sectors.
Impact: SMEs and MEs will contribute to and benefit from the sharing of security information with other actors including CERTs/CSIRTs. They will be better informed and therefore able to take a more active role in a stronger, collective approach to security, privacy and data protection within their sector, and will find it far easier to meet regulatory obligations to report security incidents with no fear of reputational damage.
Obj. #5 Validate the CyberKit4SME tools in four key (and critical) sectors.
Result: a set of demonstrations of the CyberKit4SME tools working together to support SMEs and MEs in critical sectors to achieve higher levels of security and regulatory compliance at a lower cost. This will be accompanied by an assessment of usability and cost-effectiveness based on a customer journey analysis, examining how staff responsible (explicitly or implicitly) for security and compliance carry out those responsibilities, and how the introduction of the CyberKit4SME toolkit has made their work easier, cheaper or more effective compared to their baseline practices. The final step will be a demonstration in an operational environment.
Impact: this will demonstrate how SMEs and MEs can become better protected, better able to comply with (and demonstrate compliance with) the NIS Directive and the GDPR, and able to take a more active role in sharing security information to achieve security, privacy and data protection together with their supply chain partners and with CERT/CSIRTs. It will also provide lessons on best practices which will be disseminated in a CyberKit4SME handbook (see Obj #6).
Obj. #6 Disseminate the results from CyberKit4SME and develop training to support their use, promoting awareness of and creating a demand from SMEs and MEs for sophisticated tools and approaches to cyber security.
Result: a set of publications, demonstrations, workshops and other dissemination material showing how the CyberKit4SME can be used to make sophisticated approaches to cyber security accessible and affordable by SMEs and MEs. Some of this material will feed into cross-project collaboration and support coordinated dissemination to boost impact from all projects funded from this call. We will also create a handbook explaining the procedures supported by the tools and explain how the tools can be integrated in an SME or ME working environment. Finally, we will produce and start delivering training courses for SMEs and MEs that use CyberKit4SME tools and cyber range demonstrations, which will further raise awareness of cyber security problems and boost expertise and confidence in applying CyberKit4SME solutions and help create a demand for them.
Impact: this will prepare the way for replication of our results through adoption by a wider group of SMEs and MEs, giving them access to tools and training that will help them to become more aware of cyber security and data protection challenges and solutions, to be better prepared and protected from potential attacks, and thus pave the way for a more trustworthy digital environment supporting economic activity at all scales. Exploitation plans will be developed in CyberKit4SME on how each partner will address the market and meet the demand created by our dissemination and awareness raising activities.