PROTECTIVE - Proactive Risk Management through Improved Cyber Situational Awareness

Date: 
01/09/2016 to 31/08/2019

Introduction

PROTECTIVE is a system for proactive risk management through improved situational awareness. The system is intended for National Research Education Network (NREN) Computer Security Incident Response Teams (CSIRTs) initially to understand, correlate, prioritize and share cyber threat intelligence for enhanced decision-making capabilities.

We aim to provide NRENs with improved security alert management capabilities, through uses of meta alerts, alerts that summarise a plethora of threats and incidents in order to understand the bigger picture of the threat landscape, provide better context awareness and enhance existing cyber threat intelligence sharing capabilities through automation while remaining General Data Protection Regulation (GDPR) compliant.

Who is the project designed for?

- Public Computer Security Incident Response Teams (CSIRTs), initially targeting NRENs.
- Managed Security Service Providers (MSSPs).

The end-users are security operation centre operators and analysts that make decisions based on cyber threat intelligence and alerts generated internally.

How is your project benefitting the end-user?

Enhancing cyber threat intelligence sharing through:

  • Applying Correlation and Prioritization methods w.r.t. your own constituency.
  • Computational Trust, being able to score confidence about the data received.
  • Automation, by moving away from solely relying on email ticket systems to share cyber threat intelligence.
  • GDPR compliance through development of run-time monitoring.
  • MSSPs will be able to benefit CTI from NRENs in order to protect SMEs from the latest observed threats.

Please briefly describe the results your project achieved so far

We have created an early instance of the tool running, and are currently developing and enhancing its performance and usability.

What are the next steps for your project?

We are running two pilots to test the tool in live NREN environments in which we collect performance and usability data.

Week: 
Tuesday, 13 February, 2018

Project type:

News

EU to strenghten its expertise in cybersecurity research, technology and industrial developmen

Europe is stepping up its protection against cybersecurity threats, and is discussing a new structure of pool of expertise which will help secure the digital single market and increase the EU’s autonomy in the area of cybersecurity.

Europe is currently working on the establishment of a top knowledge base for cybersecurity and a network of national cybersecurity coordination centres called the European Cybersecurity Industrial, Technology and Research Centre and the Network of National Coordination Centres.

Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019
Image:

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019
02/04/2019
Image:

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology

BRUSSELS

2 April 2019

10am to 4pm

 

e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.