Improving the CI capacities at preparedness, detection and response phases requires the attention to the human factor as well as the collaboration of heterogeneous organisations involved in the CI development and operation, ensuring a continuum of care, just as it is done for other ICT systems with the adoption of SecDevOps approaches. DYNABIC Consortium believes that the adoption of defensive AI and novel approaches to continuous business risk management based on enhanced SecDevOps can drastically improve critical services resilience. Furthermore, AI-based self-healing and autonomous response automation can greatly help to achieve fast and efficient recovery and enable the provision of fully resilient critical services to European citizens. The strategic objective of DYNABIC is to increase the resilience and business continuity capabilities of European critical services in the face of advanced cyber-physical threats. This objective will be pursued by delivering new socio-technical methods, models and tools to support resilience through holistic business continuity risk management and control in operation, and dynamic adaptation of responses at system, human and organization planes. DYNABIC will deliver the DYNABIC Framework that will enable OES to predict, quantitatively assess and mitigate in real-time business continuity risks and their potential cascading effects. Furthermore, it will enable the dynamic autonomous adaptation of critical infrastructures to meet Resilience goals by the automatic optimization and orchestration of response strategies. The DYNABIC framework will be validated in two types of demonstrations: i) Smart Preparedness, prevention and Response to Business Disruption risks in 4 critical infrastructures and supply chains (EV charging stations, Critical transport services, Telco services, and Hospital services), and i) Smart Preparedness and Response to Cascading Business Disruption risks in interconnected CIs.

Uptake of IoT and AI driven ICT systems in Europe is crucial for our common future, but it is dependent on our strategic ability to protect these systems from cyber threats and attacks on their privacy. IRIS addresses this challenge with a collaborative-first approach centered around CERTs/CSIRTs. From a technological perspective, it deploys (i) autonomous detection of IoT and AI threats, enriched with (ii) privacy-aware intelligence sharing and collaboration, and (iii) advanced data protection and accountability. Crucially, IRIS introduces (iv) the first dedicated online training and cyber exercises to prepare CERTs/CSIRTs to collaboratively protect critical infrastructures and systems against cross-border AI and IoT threats. IRIS will be validated in three pilot demonstrators, focussing in the IoT, AI and cross-border dimensions, across three existing smart city environments (in Helsinki, Tallinn and Barcelona), involving the associated national/governmental CERTs/CSIRTs, cybersecurity authorities and municipalities. The scenarios will contain real-life inspired cyber incidents that will build up into pilots at all levels (from local to national and to cross-border) to showcase the versatility of the IRIS solution. With 19 key partners from around Europe and 5 CERTs/CSIRTs as Associated Partners, IRIS’s solid consortium composition and work plan prioritises the effectiveness needed for quick real-world adoption and impact. Moreover, integration will be carried out on the EU’s existing MeliCERTes platform, with the support of NETCOMPANY-INTRASOFT, while training will build upon THALES’s existing cyber range, and ECSO will ensure the contribution to standards and policymaking. With the formal support of the four H2020 Cybersecurity Competence Network Pilot Projects, IRIS will also actively engage with the full scope of the cybersecurity ecosystem in Europe.

Our proposed GEIGER will be an innovative solution with associated components and an Education Ecosystem addressing security, privacy and data protection risks of and for Small and Medium-sized Enterprises and Microenterprises (SMEs&MEs) in Europe. GEIGER will be developed in analogy of a GEIGER counter for detecting atomic radiation threatening human life. The GEIGER solution will be used for assessing, monitoring, and forecasting risks and reducing these risks by improving the SMEs’&MEs’ security with well-curated tools, and an education program targeting practitioners-in-practice as “Certified Security Defenders” bringing security expertise sustainably to SMEs&MEs using existing vocational education frameworks. GEIGER consist of a GEIGER Indicator that dynamically summarizes the current level of risk by evaluating measures undertaken for security defences among the participating SMEs&MEs. The GEIGER Indicator can be personalised by registering the enterprise’s profile and supports GDPR-compliant sharing and exchanging data about incidents. The GEIGER Toolbox allows stepwise do-it-yourself assessment and improvement of the SMEs’&MEs’ security, privacy, and data protection with lightweight controls and advice for improved protection at varied levels of sophistication. The included tools offer endpoint, server, and network protection and guide the SME&ME in a personalised manner in data hygiene, including access and security control, data privacy management, and backup practices. The GEIGER Education Ecosystem offers experimental-based training and cyber range-enabled challenges and will be integrated into curricula of diverse professions of non-ICT experts, offering direct impact on SMEs&MEs through target group-oriented education. The GEIGER solution will be demonstrated in three complementary use cases within three countries. GEIGER will achieve sustainable impact by raising awareness of more than one million SMEs&MEs within a period of 2.5 years after start.

With the emergence of the digitization of information, ICT infrastructure and communications gave an unprecedented push towards the realization of truly interconnected passenger transport ecosystems at city-level. The emerging notion of multimodality supports a plethora of diverse transport services, typically offered from a central location. There however, the complex interconnected infrastructures ease the cyber-threats propagation while the underlying mosaic of fleets, personal hand-held devices and non-standardized data types increase the system's attack surface and require the authorities collaboration to proactively handle severe incidents. CitySCAPE leverages the skills and mature technology of its 15-partner consortium to systematically explore all different cybersecurity dimensions of multimodal transport. These dimensions will drive a characterization of the cyber-threats in the ICT multimodal transport, extended to the close-by power and financial sector. Innovative software tools will be introduced to estimate the threats propagation in the system. Then, CitySCAPE will realize a modular software toolkit enabled to be seamlessly integrated into any multimodal transport system to: a)detect suspicious traffic-data values and identify persistent threats; b)evaluate an attack's impact in technical and notably in financial terms; c)combine external knowledge and internally-observed activities to enhance the predictability of zero-day attacks; d)instantiate a networked overlay to circulate informative notifications to CERT authorities and support their interplay. The CitySCAPE solution will be tested over a timely set of use-cases involving ticketing applications, cyber-fraud and location data in the regional transport system of two European cities, where extensive experiments will showcase its effectiveness. The findings will steer training sessions of expert/non-expert audience and shape a strong standardization contribution to security (labelling) protocols.

The SECANT platform will enhance the capabilities of organisations’ stakeholders, implementing (a) collaborative threat intelligence collection, analysis and sharing; (b) innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem; (c) cutting-edge trust and accountability mechanisms for data protection and (d) security awareness training for more informed security choices. The proposed solution’s effectiveness and versatility will be validated in four realistic pilot use case scenarios applied in the healthcare ecosystem. Ultimately, SECANT will contribute decisively towards improving the readiness and resilience of the organisations against the crippling modern cyber-threats, increasing the privacy, data protection and accountability across the entire interconnected ICT ecosystem, and reducing the costs for security training in the European market.