Project overview
The overall aim of CyberKit4SME is to democratize advanced cyber security methods for SMEs and MEs, in order to:
Enable SMEs and MEs to monitor and forecast cybersecurity risks by equipping them with advanced, but low-cost and easy-to-use tools that will allow them to both assess the cybersecurity risks of their business’s IT infrastructure at design-time (following an asset-based risk assessment approach aligned with ISO 27005) and to monitor and update risk level assessments in real-time to detect potential threats without frequent recourse to expensive cybersecurity experts including consultants.
Raise SMEs and MEs’ awareness of cybersecurity risks, vulnerabilities and attacks through training in the use of these tools, and by analysing organisational and human factors that affect risk levels in their business; making educational material available for their employees to promote safe behaviour; facilitating their participation to cyber ranges as part of the training experience, and fostering a resilient community of SMEs and MEs by promoting information exchange with CERT/CSIRTs and other SMEs and MEs on cybersecurity incidents.
Support SMEs and MEs to manage their security, privacy and personal data protection risks by providing a wide-ranging set of tools that will allow them to implement risk mitigation measures based on a sophisticated risk analyses for their information networks, including end-to-end data protection using advanced encryption techniques to ensure confidentiality and integrity for data stored, transferred and processed onsite or in the cloud, and SIEM technology to help them prevent, detect and recover from cyber-attacks.
Equip SMEs and MEs with an online collaborative, security information sharing and incident reporting system by providing a blockchain platform through which SMEs and MEs will be able to securely share cybersecurity information in supply chains and with CERTS to improve risk monitoring and facilitate preparedness and responses to cyber-attacks, engage in a collective response to cyber security risks, and implement mandatory cybersecurity incident reporting.
Enable SMEs and MEs to monitor and forecast cybersecurity risks by equipping them with advanced, but low-cost and easy-to-use tools that will allow them to both assess the cybersecurity risks of their business’s IT infrastructure at design-time (following an asset-based risk assessment approach aligned with ISO 27005) and to monitor and update risk level assessments in real-time to detect potential threats without frequent recourse to expensive cybersecurity experts including consultants.
Raise SMEs and MEs’ awareness of cybersecurity risks, vulnerabilities and attacks through training in the use of these tools, and by analysing organisational and human factors that affect risk levels in their business; making educational material available for their employees to promote safe behaviour; facilitating their participation to cyber ranges as part of the training experience, and fostering a resilient community of SMEs and MEs by promoting information exchange with CERT/CSIRTs and other SMEs and MEs on cybersecurity incidents.
Support SMEs and MEs to manage their security, privacy and personal data protection risks by providing a wide-ranging set of tools that will allow them to implement risk mitigation measures based on a sophisticated risk analyses for their information networks, including end-to-end data protection using advanced encryption techniques to ensure confidentiality and integrity for data stored, transferred and processed onsite or in the cloud, and SIEM technology to help them prevent, detect and recover from cyber-attacks.
Equip SMEs and MEs with an online collaborative, security information sharing and incident reporting system by providing a blockchain platform through which SMEs and MEs will be able to securely share cybersecurity information in supply chains and with CERTS to improve risk monitoring and facilitate preparedness and responses to cyber-attacks, engage in a collective response to cyber security risks, and implement mandatory cybersecurity incident reporting.
Staff
Lead researcher
Other researchers
Collaborating research institutes, centres and groups
Research outputs
Brian Pickering,
& Gencer Erdogan
, 2023
Type: conference
& Steve Taylor
, 2022
Type: other
Gencer Erdogan,
Ragnhild Halvorsrud,
Costas Boletsis,
& Simeon Tverdal
, 2022
Type: conference
Costas Boletsis,
Ragnhild Halvorsrud,
, 2021
Type: conference