Project Coordinator: Dr. Carmen Elena CÎRNU– Scientific Researcher II
Main objectives
Objective 1 - Strengthening the capacity of cyber security actors in the EU to interconnect independent and federated cyber ranges in EU join CYRESRANGE’s network using an innovative connector (CyberEdu Range Connector), optimized for fast onboarding, cross-range content & scenario management and security of the shared resources while maintaining a cross-cluster repository of scenarios.
Objective 2 - Develop a marketplace of crowdsourced structured trainings & certifications schemes, based on an incentive system for content creators and cyber ranges to combine existing resources in new ways or develop new scenarios using an innovative scenario builder and unified language, agnostic to cyber range technology, optimized for large scale, cross-range exercises able to share knowledge and cybersecurity threat intelligence between stakeholders in the Member States, better monitor cybersecurity threats, and respond jointly to cyber-attacks.
Objective 3 - Support a progressive adoption path for the CYRESRANGE platform, services, community and gamification system through extensive validation and the organization of large scale exercises within and across critical infrastructures, key technologies and application sectors considering the important role of the Computer Security Incident Response Teams (CSIRTs) network and of the Cyber Crisis Liaison Organization Network (CyCLONe)
Objective 4 - To develop an innovative self-assessment engine that will combine personality traits and technical skills, optimized by a state-of-the-art machine learning model developing cybersecurity skills and expertise in key technologies (e.g. 5G, Internet of Things, Cloud, Artificial Intelligence, Industrial Control Systems)
Objective 5 - To improve the capability of cyber ranges and their operators to approach advanced types of cyber-attacks, such as the ones done by APTs, through ongoing real attacks simulations built specifically for underserved technologies in the offensive cybersecurity space in various application sectors (e.g. health, energy, finance, transport, telecommunication, agri-food production, resource management) including consideration to cascading effects across sectors
Objective 6 - To define and effectively exploit the business plan, CYRESRANGE’s concepts and tools for market entry, to contribute particular project results to relevant standardization bodies, and to ensure wide communication and scientific dissemination of the CYRESRANGE results to the research, academic, and ICT community, not limited to sectors covered by the NIS Directive
Project description
The proposed CYRESRANGE project addresses concerns and European directives in the field of cyber security, following the fulfillment of synoptic requirements at the EU level expressed through the EU Cyber Strategy presented by The European Commission and the High Representative of the Union for Foreign Affairs and Security Policy to “build resilience to cyber threats and ensure citizens and businesses benefit from trustworthy digital technologies” where “the EU's technological sovereignty needs to be founded on the resilience of all connected services and products.”
The architecture of the project consortium and the participation of a cluster of excellence in cyber security with a wide representation at national and European level (CYSCOE) ensures the fulfillment of a premise of the EU strategy in cyber security: “All the four cybercommunities – those concerned with the internal market, with law enforcement, diplomacy and defense – need to work more closely towards a shared awareness of threats. They should be ready to respond collectively when an attack materializes, so that the EU can be greater than the sum of its parts.”
Our project proposal addresses the first objective to build capacity of cybersecurity actors to react in a coordinated way to large-scale cybersecurity incidents, while fostering the role of CSIRTs, the CyCLONe network and considering the Blueprint. Our project will provide stakeholders a set of structured methodologies, vulnerability databases and forensic tools, and automated content delivery aims and tools.
The project focuses on the creation of new paradigms regarding the creation, interconnecting and strengthening cybersecurity ranges at national and regional level with great capabilities in the European realm, including critical infrastructures, not limited only to sectors covered by the NIS Directive.
In this sense, the project will develop a series of capabilities for the creation, operation, capacity increase and/or uptake of cybersecurity ranges, as well as foster networking between them in view to develop cybersecurity skills and expertise in key technologies (e.g. 5G, Internet of Things, Cloud, Artificial Intelligence, Industrial Control Systems) as well as application sectors (e.g. health, energy, finance, transport, telecommunication, agri-food production, resource management) including consideration to cascading effects across sectors.
Main results