Project blog

Lessons learnt from cyber-attacks on Greek municipalities

Just how hard is to describe the importance of a service whose value the customers cannot quite comprehend or quantify in order to invest in it in the Greek public sector?

If one had to answer this question, he would have to give many answers, depending on various factors. It is incredibly difficult for an organisation to fully comprehend the need and the importance of cybersecurity service or product when he hasn’t been exposed or harmed by a cyber-attack. It is even harder, when the organisation lacks the necessary funds, or has other priorities to address. In some cases, one needs to give specific examples of the danger and the prevention procedure or restoring. An issue that has arisen and has been widely discussed lately is a cyber-attack in the City Hall infrastructure of Thessaloniki, Greece. That has been a wake-up call for many Municipalities, but majorly the big ones.

Continue reading

New Cybersecurity Master's Program in Oulu

Cybersecurity is a new study option based on the research excellence in software security at the University of Oulu. The student specialising in cybersecurity will be able to design, develop, test and evaluate systems, software or hardware for security goals in the ever evolving digital landscape​.

As a whole, artificial intelligence and the development of different AI solutions play a role in all four study options. For example, the studies can contribute to various aspects of emerging edge computing and edge AI technologies.

Continue reading

New Cybersecurity Master's Program in Oulu

Cyber security is a new study option based on the research excellence in software security at the University of Oulu. The student specialising in cyber security will be able to design, develop, test and evaluate systems, software or hardware for security goals in the ever evolving digital landscape​.

As a whole, artificial intelligence and the development of different AI solutions play a role in all four study options. For example, the studies can contribute to various aspects of emerging edge computing and edge AI technologies.

Continue reading

CS-AWARE NEXT received support from the Horizon Standardisation Booster

Our project had the opportunity to receive advisory services by the HSbooster.eu that is a European Commission initiative aiming to provide expert services to European projects to help them to increase and valorise project results by contributing to the creation of new or improvement of existing standards.

As presented in the final expert report, ‘the whole HSBooster consultancy process with CS-AWARE NEXT went fluently and there was great support by the team of CS-AWARE NEXT to identify a suitable standardisation strategy for their envisioned project results’. It is also mentioned that ‘the CS-AWARE NEXT project is on a very good track’ and that we ‘have identified a clear and actionable target’ in terms of, amongst others, ‘adding an extension to the OASIS STIX public repository’. There is no doubt that this might potentially ‘pave the way for future standardisation impacts, i.e., the inclusion of the extension in the official STIX OASIS standard’. Standardisation is, as known to all of us that have been involved in one or some other way in such a process, a long shot, but also well worth trying.

Continue reading

Enhancing your security with open-source tools

With cybersecurity gaining increased attention in Italy, it has emerged as the top priority for digital investment among businesses in 2023. Notably, both large enterprises and SMEs recognize the significance of robust cybersecurity measures. Recent data reveals that a staggering 61% of organisations with over 250 employees have chosen to boost their cybersecurity budgets in the past year. Moreover, the Italian cybersecurity market is projected to witness remarkable growth, reaching a value of 1.86 billion euros in 2022, reflecting an exceptional acceleration of +18% compared to the previous year. In this article, we delve into the realm of monitoring and analysis, exploring the potential of open-source solutions to strengthen cybersecurity defences and address the evolving challenges faced by Italian organisations. Fluentd

Continue reading

Cybersecurity challenges in Greek companies – Study by EY Greece and Microsoft

ΕΥ Greece and Microsoft have carried out a study on the challenges concerning cybersecurity in Greece. The study attempts, for the first time in the Greek market, to thoroughly analyse the current national and European legal and regulatory framework of cybersecurity. European regulations, such as NIS, NIS II and CERD, the main legal acts on cybersecurity in Greece (4577/2018, 4961/2022), their field of practice and the next steps for the compliance of the Greek companies with those, are presented in the study. In addition, the study describes the goals and the respective actions of the National Cyber Security Strategy 2020-2025 that was presented by the Ministry of Digital Governance.

Continue reading

NIS2 – Key Challenges on the Horizon

About ten years ago the proposal of the original NIS-Directive was introduced into our lives. It was the first cybersecurity act in the EU, creating a new baseline for cybersecurity. Unfortunately the effects of the original NIS weren’t as good as initially hoped. Its objectives of increasing the level of security of network and information systems across the union were hindered by problems regarding different levels of resilience among member states, insufficient resilience of individual organisations, and ineffective oversight by government authorities. The decision was made to issue an updated act to take its place. In a little over 1,5 years, by October 18th 2024 to be precise, the successor will be incorporated into national law by each member state.

Continue reading

Data-driven cybersecurity

The availability of a large amount of data facilitates the spreading of a data-driven culture in which data are used and analyzed to support decision-making. This is also true for the cybersecurity environment in which the increasing number of threats appearing over time and related public data caused a “paradigm shift in understanding and defending against the evolving cyber attacks, from primarily reactive detection toward proactive prediction”.

Conventional data analysis approaches cannot address the complexity of the new threats and the velocity with which they are generated and spread throughout the Internet: more flexible and efficient mechanisms are needed. Artificial Intelligence (AI) systems based on Machine Learning (ML) tools and exploiting the power provided by big data architectures seem promising solutions to detect and mitigate many of the novel cybersecurity attacks. They can analyze large volumes of data, identify anomalies and suspicious behavior and investigate threats by correlating many data points. Techniques such as regression, classification, and clustering are already used to identify network threats, detect software vulnerabilities, monitor email, and design advanced antivirus applications.

Continue reading

Cyberattack in Thessaloniki

Five years ago the security of the digital infrastructures of the organisations was not even an object of discussion. Most though of security as a store room with a lock on the outside, a back-up external drive, that usually remained connected on the server, and an antivirus that in most of the cases was a free one.

It comes without saying that file sharing policies, back-up check in portable devices, active directory, firewall, certified connection of the users in the internet, GDPR, website access restrictions and in everything that we today consider digital security. All of the above though, change for the best in the past few years. The Covid era was a milestone in this process as the safe remote access to the information systems became a non-negotiable necessity.

Continue reading