The PANDORA project aims at contributing to EU cyber defense capacity building, by designing and implementing an open technical solution for real-time threat hunting and incident response, focusing on endpoint protection, as well as information sharing. https://www.pandora-edidp.eu/

AInception main aim is to develop novel AI-based tools and techniques for detection and response: from detecting adversarial behaviour from logs and network traffic; to understanding, contextualizing and explaining the detected threat; to generating risk and impact aware response action; all the way to automating the execution and evaluation of the response action on the underlying infrastructure. AI will play a central role for all these steps in the AInception tool pipeline. These tools will be combined into a proof-of-concept end to-end detection and response prototype, evaluated in operational scenarios with end users. https://www.ainception.eu/

The project “Advanced European platform and network of Cybersecurity training and exercises centres” (ACTING) will develop a network of advanced interconnected (federated) domain oriented cyber ranges for training and exercises. It aims to incorporate sophisticated methods and techniques for simulation of users, analysis of the performance of the cyber operators, and scoring cyber security situational awareness. https://acting-project.eu/

Ensuring security, whether of your home or your data network, requires disclosing certain information to third parties. The more complicated the system to be protected, the more opportunities or needs arise for sharing critical pieces of information. Working under the philosophy that intrusive security is no longer acceptable in the 6G environment, the EU-funded PRIVATEER project will pave the way for 6G ‘privacy-first security’. It will study, design and develop innovative security enablers for 6G networks following a privacy-by-design approach. The enablers will complement and be compatible with standard 5G/6G security controls to achieve a holistic, privacy-friendly security solution for future networks. https://www.privateer-project.eu/

Networked medical devices, including life-supporting or sustaining devices such as pacemakers, patient monitors and infusion pumps have played a transformational role in healthcare. At the same time, they are vulnerable to hacking and unauthorised access, potentially compromising patient safety. As such, there is an unmet need to address such security risks and safeguard patient health information and safety. The EU-funded SEPTON project aims to develop a cybersecurity toolkit capable of protecting networked medical devices. The approach will incorporate blockchain and machine learning techniques to allow for vulnerability assessment and improved data-exchange security. Results will be applicable in hospitals and other healthcare centres. https://septon-project.eu/

The project aims at the development of a new service, a cyber-physical platform that enhances the security over satellite public safety networks. DEGREES will introduce new services to support crisis management through a communication framework with reinforced security and increased reliability. The main goal of DEGREES is the study, design and assessment of a security system based on multiple technologies in order to protect space control ground stations and satellite links against cyber attacks, and to activate intelligent reconfiguration mechanisms in case of failure or compromise concerning the ground stations networks and the satellite links. https://www.degrees-project.eu/

The rapid advances in digital technology necessitate finding ways to ensure digital security and help small and medium-sized enterprises (SMEs) recover from cyberattacks. The EU-funded PALANTIR project aims to implement a framework combining privacy assurance, data protection, incident detection and recovery aspects. The project will also focus on cyber-resilience and ensure the SMEs' compliance with the relevant data privacy and protection regulations. The outcomes of the project will provide those enterprises with security tools that will boost their resilience at a reasonable cost. https://www.palantir-project.eu/

Artificial intelligence (AI) has a big role to play in cybersecurity – good and bad. It can be a powerful mechanism to detect threats and protect systems against attacks. It can also be used by attackers as a weapon. In this context, the EU-funded AI4CYBER will provide an Ecosystem Framework of next-generation trustworthy cybersecurity services that leverage AI and Big Data technologies to support system developers and operators in effectively managing AI-powered cyberattacks. Specifically, it will develop a new breed of AI-driven software robustness and security testing services with smarter flaw identification and code-fixing automation. The project will focus on the energy and banking sectors, as well as hospital services. https://ai4cyber.eu/

Digitisation has led to the transport sector becoming more and more interconnected. Most of the time, transport services are centralised. However, this centralised architecture increases the vulnerability to cyber attacks. To tackle this issue, the EU-funded CitySCAPE project will improve cybersecurity within multimodal transport. The project will produce a modular software toolkit, whose purpose is fourfold. First, it will detect suspicious traffic and data flows. Second, it will evaluate the technical and financial impact of a cyber attack. Third, it will enhance the predictability of zero-day attacks. Last but not least, it will train relevant authorities and improve the circulation of information among them. Eventually, the CitySCAPE solution will be validated in regional-level pilots in Tallinn (Estonia) and Genoa (Italy) by transport operators and cybersecurity organisations, who will also be trained in using the project tools. https://www.cityscape-project.eu/

JCOP is a prototypical implementation of Commission Recommendation (EU) 2017/1584 of 13 September 2017 on coordinated response to large-scale cybersecurity incidents and crises, and a model that can be applied to all EU Member States. In particular, the project develops a Joint Cybersecurity Operations Platform (JCOP) tailored to the needs of EU Member State authorities entrusted with cybersecurity. The platform, as per the EU Recommendation 2017/1584, will enable (i) sharing threat situational awareness, (ii) performing coordinated incident response and (iii) preparedness through relevant and tailored training. https://jcop.eu/

PHOENi²X aims to design, develop, and deliver a Cyber Resilience Framework providing Artificial Intelligence (AI) - assisted orchestration, automation & response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services (OES) and of the EU Member State (MS) National Authorities entrusted with cybersecurity. Through the deployment PHOENi²X Cyber Resilience Centres (PHOENi²X CRCs), OES will gain: (i) enhanced Situational Awareness with AI-assisted Prediction, Prevention, Detection & Response capabilities, and business risk impact assessment-based prioritisation; (ii) proactive and reactive Resilience Automation, Orchestration, and Response (ROAR) mechanisms, providing Business Continuity, Recover and Cyber & Physical Incident Response; (iii) Increased Preparedness through relevant Serious Games and realistic Resilience Cyber Range (RCR) Assessment & Training; (iv) timely and actionable Information Exchange between OES, National Authorities and EU actors, leveraging interoperable and standardised alerting and reporting mechanisms and processes. https://phoeni2x.eu/

CYBERUNITY targets the second objective of the DIGITAL-ECCC-2022-CYBER-03-CYBER-RESILIENCE -EU Cybersecurity Resilience, Coordination and Cybersecurity Ranges topic in the Call. Its main goal is to build an interoperable community of Cyber Ranges in Europe, initially by bringing together the cyber ranges owned and operated by the partners in the consortium, whilst “opening” the cyber range interoperability specifications for building and expanding a thriving community of cybersecurity experts, researchers and professionals. CYBERUNITY aims to contribute to the aim of making Europe a world leader, by developing open interoperability specifications and providing the first interoperable cyber range infrastructure. Building upon these, and upon additional components and interfaces to be developed and integrated within the project, the concept of the “Cyber-Range-as-a-Service” (CRaaS) will be realized. Additionally, the first overarching Knowledge Repository for cyber ranges will be developed. CYBERUNITY will deploy a secure framework that enables cross-organisation and cross-border trustworthy and privacy-compliant integrated cyber range services, whose capabilities will be demonstrated by means of several cross-border scenarios involving systems in critical sectors. During the lifecycle of the project, it is estimated that about 2000 cyber defenders from all regions of Europe, including those less equipped with a unified cyber range facility external users will benefit from CYBERUNITY. https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/how-to-participate/org-details/999999999/project/101128024/program/43152860/details

Motivated by EU's strategic push to increase the Union's cybersecurity posture, several initiatives are underway to address cybersecurity challenges in services critical to the European economy and wider society. In this context, this proposal proposes CY-TRUST ("CYpriot secToRial secUrity operationS cenTres") which aims to increase the capacity the Republic of Cyprus to defend its infrastructures & citizens from cyber threats, through the introduction of Sectorial Security Operations Centres (Sectorial SOCs), covering 4 sectors (including Energy, Maritime, Governmental & SMEs), that will be interconnected with the National Competent Authority entrusted with cyber security, the Digital Security Authority (DSA) of Cyprus. This effort will follow and adopt a recently-proposed Cyber Security Operations Centres (CSOCs) Blueprint for cross-border, cross-organisational, and cross-functional cooperation, collaboration, and coordination, combining capacity for shared situational awareness, coordinated incident handling, and joint preparedness. Furthermore, with an emphasis on the adoption of European and international standards, and holistically considering the latest developments in the national and European cybersecurity landscape, the CY-TRUST Sectorial CSOCs will facilitate the establishment of the mandated level of interoperability, cooperation & coordination across defence environments, tools, processes, and people, at the national and European level. https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/how-to-participate/org-details/920827500/project/101128017/program/43152860/details

SYNAPSE aims to design, develop & deliver an Integrated Cyber Security Risk & Resilience Management Platform, with holistic Situational Awareness, Incident Response & Preparedness capabilities. The proposed platform will encompass: (i) Incident Response through process automation and orchestration mechanisms, also covering organisational/business aspects (e.g. business continuity processes); (ii) AI-enhanced Situational Awareness, encompassing extraction & analytics of actionable and pertinent Cyber Threat Intelligence (CTI), along with attack early warning & threat hunting systems; (iii) Preparedness through cybersecurity, privacy & business continuity training, covering different training delivery means, allowing it to tailor the delivery method to the content; (iv) Technical & economic risk management, integrating outputs of (i)-(iii) above and supporting risk-benefit analyses (including what-if scenarios) to inform decision-making and enable risk transfer schemes with Smart Contract-enabled cybersecurity insurance; (v) Continuous feedback between (i)-(iv) above, along with standards-based sharing, alerting & reporting (intra- & inter- Member State), based on outputs of (i)-(iii) above, thus enabling the establishment of shared situational awareness, coordinated response and joint preparedness. https://cordis.europa.eu/project/id/101120853

INTERSOC envisions to improve disruption preparedness, resilience of digital infrastructures, and capacity building, through advanced threat forecasting, cyber-incident detection and response capabilities, at national and EU level, and dedicated training sessions in digital infrastructure security, while respecting privacy and other fundamental rights. To achieve this, INTERSOC will design and develop a user-centric intelligent threat defence and decision support platform by uniquely combining: 1. Highly sophisticated network and system behavioural monitoring, towards identification of anomalies caused by novel multi-faceted attacks. This would be achieved by enhancing the traditional SIEMs and IDS with behavioural and decisional Artificial Intelligence (AI) algorithms. 2. A low-code approach to security orchestration and incident management automation. 3. Decentralised, confidential Cyber Threat Information (CTI) sharing based on peer-to-peer networks and in compliance with the EU regulatory framework, 4. Trust models and trustworthy technology fine-tuned to address trust relationships when sharing information over the internet. 5. Risk and threat analysis, impact assessment and risk treatment to identify, analyse and eliminate security threats and vulnerabilities of the pilot systems. 6. Enhanced penetration tools and methodologies tackling emerging vulnerabilities. The tools will be used to actively test and attack the security of SOCs on the pilot systems. 7. Cutting-edge Trustworthy AI algorithms will be meticulously developed, taking into account the current evolving EU regulatory framework (e.g. proposal for AI act) and standard working groups (e.g. CEN/CLC JTC21 WG4). 8. The utilization of a cyber-range-type Virtualization Platform will facilitate the deployment and hosting of advanced red/blue team exercises, fostering capacity building and enhancing user awareness. Three diverse sectors (banking, energy, CSIRT training) over a set of use-cases. https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/how-to-participate/org-details/999999999/project/101145853/program/43152860/details