CIPSEC - Enhancing Critical Infrastructure Protection with innovative SECurity framework

Date: 
01/05/2016 to 30/04/2019

Introduction

The integration of ICT technologies with critical infrastructure services, despite improving the performance and daily operation of those services, has been accomplished without considering security as core requirement, leaving behind shortcomings and weaknesses which have entailed a serious security problems.

CIPSEC develops an integrated framework composed by a heterogeneous set of products and services, providing high levels of protection for the whole critical infrastructure, considering both its IT (information technology) and OT (operational technology) networks.
The outcomes are meant to be exploited in a wide range of verticals. CIPSEC brings use cases in railway, health and environment protection contexts.

Who is the project designed for?

The project intends to provide a cost-effective multi-domain security solution, offering high levels of protection in IT and OT for critical infrastructures. Therefore the market target is very wide and includes verticals such as chemical industry, ICT, energy, financial services, food industry, health, transportation, water systems and facilities, nuclear, emergency services or manufacturing to name but a few.

The stakeholders group includes operators of critical infrastructures (whether public or private), large organizations, academia, SMEs (especially those being ICT-intensive), standardization groups, policy makers, public-private partnerships (PPPs), public authorities and people working on related European Projects, among others. CIPSEC orchestrates a security solution for the critical infrastructure protection lifecycle: before, during and after the incident. CIPSEC is an answer to the question on how to benefit from higher efficiency and better quality of service brought by ICT advances in the field of critical infrastructures without compromising security.

CIPSEC helps support European countries security and boost European competitiveness in critical infrastructure protection.

How will your project benefit the end-user?

CIPSEC contributes to the reduction of the capital investment in controlling and solving security threats for critical infrastructures. CIPSEC aims at increasing the confidence on the role of ICT in the daily operation of critical infrastructures, with positive impact in efficiency, quality of service and business profits.
CIPSEC also makes an impact by reducing the economic exposure linked to the consequence of cyber incidents and the likelihood of environmental disasters.

CIPSEC also has an educational side, creating awareness on the importance to secure all assets involved in critical infrastructure daily operation. Europe needs to become more aware of the dangers existing in the digital world, and as in real life all the segments of the population need to get ready and know the basic rules of thumb to avoid to be victims of cyber attacks and the cyber criminals behind them.
In such sense, CIPSEC offers a training service with a nice plethora of courses addressed to a wide audience, including not only end-users but also people without a technical background, but unavoidably in daily touch with ICT technologies.

Please briefly describe the results your project achieved so far
 
We have completed the design of the whole framework orchestrating the products and services brought to the project. We have designed all the internal interfaces, the data flow, the communication among the different functional modules and the dashboard being presented to the end-users. An intermediate integrated version has been produced and an early deployment has been carried out in the three pilots of the project.
We have a clear innovation roadmap associated to the whole platform and each of its components.We also have results in the shape of market analysis and key competitors survey. We have established links with some standardization working groups to monitor their activity and take into account their results to steer the internal activities in alignment with industry standards.

  What are the next steps for your project?

  • Delivery of the final platform version
  • Complete piloting of the solution, validation and assessment
  • Complete individual and joint exploitation plans, with business models
 
Week: 
Friday, 27 October, 2017 to Friday, 3 November, 2017

News

Call for experts for a group on liability and new technologies

The European Commission has launched a call for experts for a group on liability and new technologies. The deadline for application is 30 April 2018.

New technologies such as artificial intelligence, advanced robotics and the Internet of Things bring enormous opportunities in various fields (transport, healthcare, agriculture, manufacturing). At the same time they could raise challenges related to liability, which is why the Commission wants to initiate a discussion on the way forward.

The main tasks of the Expert Group will be:

Events

26/04/2018
Brussels - Concertation Meeting, 26/04/2018

The registration is open for the first Cyberwatching.eu Concertation meeting, Brussels, 26 April 2018.

08/05/2018
Free and Safe in Cyber Space conference

Free and Safe in Cyber Space conference aims at building a constructive dialogue and a critical mass of suitable actors around new dual-use cybersecurity standards and certifications and complaint open technologies and ecosystems.