CIPSEC - Enhancing Critical Infrastructure Protection with innovative SECurity framework

Date: 
01/05/2016 to 30/04/2019

Introduction

The integration of ICT technologies with critical infrastructure services, despite improving the performance and daily operation of those services, has been accomplished without considering security as core requirement, leaving behind shortcomings and weaknesses which have entailed a serious security problems.

CIPSEC develops an integrated framework composed by a heterogeneous set of products and services, providing high levels of protection for the whole critical infrastructure, considering both its IT (information technology) and OT (operational technology) networks.
The outcomes are meant to be exploited in a wide range of verticals. CIPSEC brings use cases in railway, health and environment protection contexts.

Who is the project designed for?

The project intends to provide a cost-effective multi-domain security solution, offering high levels of protection in IT and OT for critical infrastructures. Therefore the market target is very wide and includes verticals such as chemical industry, ICT, energy, financial services, food industry, health, transportation, water systems and facilities, nuclear, emergency services or manufacturing to name but a few.

The stakeholders group includes operators of critical infrastructures (whether public or private), large organizations, academia, SMEs (especially those being ICT-intensive), standardization groups, policy makers, public-private partnerships (PPPs), public authorities and people working on related European Projects, among others. CIPSEC orchestrates a security solution for the critical infrastructure protection lifecycle: before, during and after the incident. CIPSEC is an answer to the question on how to benefit from higher efficiency and better quality of service brought by ICT advances in the field of critical infrastructures without compromising security.

CIPSEC helps support European countries security and boost European competitiveness in critical infrastructure protection.

How will your project benefit the end-user?

CIPSEC contributes to the reduction of the capital investment in controlling and solving security threats for critical infrastructures. CIPSEC aims at increasing the confidence on the role of ICT in the daily operation of critical infrastructures, with positive impact in efficiency, quality of service and business profits.
CIPSEC also makes an impact by reducing the economic exposure linked to the consequence of cyber incidents and the likelihood of environmental disasters.

CIPSEC also has an educational side, creating awareness on the importance to secure all assets involved in critical infrastructure daily operation. Europe needs to become more aware of the dangers existing in the digital world, and as in real life all the segments of the population need to get ready and know the basic rules of thumb to avoid to be victims of cyber attacks and the cyber criminals behind them.
In such sense, CIPSEC offers a training service with a nice plethora of courses addressed to a wide audience, including not only end-users but also people without a technical background, but unavoidably in daily touch with ICT technologies.

Please briefly describe the results your project achieved so far
 
We have completed the design of the whole framework orchestrating the products and services brought to the project. We have designed all the internal interfaces, the data flow, the communication among the different functional modules and the dashboard being presented to the end-users. An intermediate integrated version has been produced and an early deployment has been carried out in the three pilots of the project.
We have a clear innovation roadmap associated to the whole platform and each of its components.We also have results in the shape of market analysis and key competitors survey. We have established links with some standardization working groups to monitor their activity and take into account their results to steer the internal activities in alignment with industry standards.

  What are the next steps for your project?

  • Delivery of the final platform version
  • Complete piloting of the solution, validation and assessment
  • Complete individual and joint exploitation plans, with business models
 

Events

27/11/2018 to 28/11/2018
Cyber Investor Days

On 27th and 28th November in Berlin, Germany, ECSO is organizing in collaboration with Secunet and TeleTrusT, the Cyber Investor Days.

The most promising European cyber security start-ups and SMEs will have an opportunity to pitch their solution and meet the influential German and international investors during strategic business matchmaking sessions.

CYBER INVESTOR DAYS will be officially opened by Andreas Koenen, Director General of the Cyber and Information Security Directorate at the German Ministry of Interior, and Clemens Kabel, Investment Director at IBB Investment.

13/12/2018 to 14/12/2018
Call for Papers: Halfway Through the Digital Single Market Strategy: “Bedrock of Trust” or illusion?

Call for Papers

The Law Faculty of the University of Lille cordially invites junior and senior researchers to participate in a conference held as part of the Horizon 2020 project “TRUESSEC.eu”, on the 13th and 14th December 2018. The conference will be hosted by the Law Faculty.