The integration of ICT technologies with critical infrastructure services, despite improving the performance and daily operation of those services, has been accomplished without considering security as core requirement, leaving behind shortcomings and weaknesses which have entailed a serious security problems.
CIPSEC develops an integrated framework composed by a heterogeneous set of products and services, providing high levels of protection for the whole critical infrastructure, considering both its IT (information technology) and OT (operational technology) networks.
The outcomes are meant to be exploited in a wide range of verticals. CIPSEC brings use cases in railway, health and environment protection contexts.
Who is the project designed for?
The project intends to provide a cost-effective multi-domain security solution, offering high levels of protection in IT and OT for critical infrastructures. Therefore the market target is very wide and includes verticals such as chemical industry, ICT, energy, financial services, food industry, health, transportation, water systems and facilities, nuclear, emergency services or manufacturing to name but a few.
The stakeholders group includes operators of critical infrastructures (whether public or private), large organizations, academia, SMEs (especially those being ICT-intensive), standardization groups, policy makers, public-private partnerships (PPPs), public authorities and people working on related European Projects, among others. CIPSEC orchestrates a security solution for the critical infrastructure protection lifecycle: before, during and after the incident. CIPSEC is an answer to the question on how to benefit from higher efficiency and better quality of service brought by ICT advances in the field of critical infrastructures without compromising security.
CIPSEC helps support European countries security and boost European competitiveness in critical infrastructure protection.
How will your project benefit the end-user?
CIPSEC contributes to the reduction of the capital investment in controlling and solving security threats for critical infrastructures. CIPSEC aims at increasing the confidence on the role of ICT in the daily operation of critical infrastructures, with positive impact in efficiency, quality of service and business profits.
CIPSEC also makes an impact by reducing the economic exposure linked to the consequence of cyber incidents and the likelihood of environmental disasters.
CIPSEC also has an educational side, creating awareness on the importance to secure all assets involved in critical infrastructure daily operation. Europe needs to become more aware of the dangers existing in the digital world, and as in real life all the segments of the population need to get ready and know the basic rules of thumb to avoid to be victims of cyber attacks and the cyber criminals behind them.
In such sense, CIPSEC offers a training service with a nice plethora of courses addressed to a wide audience, including not only end-users but also people without a technical background, but unavoidably in daily touch with ICT technologies.
Please briefly describe the results your project achieved so far
We have completed the design of the whole framework orchestrating the products and services brought to the project. We have designed all the internal interfaces, the data flow, the communication among the different functional modules and the dashboard being presented to the end-users. An intermediate integrated version has been produced and an early deployment has been carried out in the three pilots of the project.
We have a clear innovation roadmap associated to the whole platform and each of its components.We also have results in the shape of market analysis and key competitors survey. We have established links with some standardization working groups to monitor their activity and take into account their results to steer the internal activities in alignment with industry standards.
What are the next steps for your project?
- Delivery of the final platform version
- Complete piloting of the solution, validation and assessment
- Complete individual and joint exploitation plans, with business models