Project blog

Why old school thinking?

Why old school thinking? For many years, a report from Govloop in the US writes, government agencies have applied a “hodgepodge of cyber-security strategies” to counter both internal and external risks. Many relied on firewalls to manage external activity and potential threats. In the end, the Govloop authors conclude that Legacy firewalls tend to be more concerned with activity attempting to penetrate their perimeter defenses and do not monitor internal activities within the local network.

Continue reading

Greece's new Cybersecurity Bill

Greece’s new Cybersecurity Bill A bill on cyber security, telecommunication privacy issues and personal data has been submitted to the Greek parliament. In particular, the bill aims at “ensuring the necessary balance between privacy protection and national security, within the constitutional frame and in the foundation of the best international policies.” Additionally, the bill strengthens the “citizen’s rights against the threats that are connected to the technological evolution”. The bill in question deals with issues of counter surveillance with the use of right tools, the foundation of Information Academy and counterintelligence and the setting of a stricter privacy frame.

Continue reading

CS-Connect first steps!

CS-Connect first steps! As you may remember, one of the many exciting outcomes of CS-AWARE-NEXT is the collaboration platform that has been baptized CS-Connect in the Wien meeting! CS-Connect is a collaboration layer for the ecosystem, aimed to support the organisations in their activities toward improved security. We have collected the requirements and are now deciding what is the current basis for the development and overcoming different technological challenges. We have selected several Open Collaboration Platforms (CPs) to study and evaluate.

Continue reading

A step towards DORA Compliance

A step towards DORA Compliance Most organizations, regardless of the vertical, are often engaged in complex and massive interconnections leading to some security challenges. As a result, individual and local initiatives alone may not suffice to effectively defend against current and future threats. Indeed, more synergy and collaboration amongst companies that are “shareholders in security” hence affected by the breach from others, is essential. Recent EU cybersecurity initiatives including the NIS/NIS2 and DORA for the financial sector have ought to address the cybersecurity and resilience of both, organizations delivering essential and vital services on the one hand, and the financial services, on the other.

Continue reading

The legend of The Scottish Thistle - the early version of a socio-technical defence system!

The legend of The Scottish Thistle - the early version of a socio-technical defence system! Technology is getting both advanced and effective, but what good does it do if we don’t understand and use it properly? Humans have a long history of using tools to help us make our jobs easier or for keeping us safe. However, technology can only do so much on it’s own. It needs a human touch to fulfil its full potential.

Continue reading

Supervised vs automated response to cyberthreats

Supervised vs automated response to cyberthreats Cyberthreats are continually becoming more sophisticated, thus creating a demand for an equally advanced threat detection and response. Detection of cyberthreats can very much benefit from the adoption of AI, as it is able to detect attack patterns and perform correlations among various security-related events. However, when it comes to incident handling, a fully AI-enabled approach may actually cause more harm than good, due to the critical human factors involved.

Continue reading

Storytelling Workshops 2022

Storytelling Workshops 2022 We have organised storytelling workshops in the two pilot sites of the project: the municipalities of Larissa and Foggia. Representatives of multiple public and private organisations came together for four days for these workshops that were organised by our project. During the workshop, participants shared stories about their experiences with cybersecurity in their organisations, and, in addition, discussed real world examples of cyberattacks that had serious implications on a region, or, the term we like to use, on an entire ecosystem.

Continue reading

Cybersecurity – a case for advanced decision models

Cybersecurity – a case for advanced decision models Advanced attacks demand advanced countermeasures. On a technical level there already is an elevated level of awareness and readiness. That is why in a first wave of attacks criminals usually focus on tricking users into opening up systems for them . While this has now been the rule for at least over a decade, the way in which these attacks are prepared now follow an almost military style approach.

Continue reading

Data poisoning attacks

Data poisoning attacks Data poisoning is an increasingly important security concern for Machine Learning (ML) systems. As machine learning models are becoming more prevalent in our lives, they are also becoming more vulnerable to malicious attacks. Data poisoning attacks are one of the most insidious and difficult-to-detect kinds of threats on ML models. Data poisoning is a type of adversarial attack in which a cybercriminal injects malicious data into a machine learning model.

Continue reading

Massive increase in cyber attacks in 2022

Massive increase in cyber attacks in 2022 Universities, research centers, state and military services, hospitals, communication infrastructure and banks have received numerous cyberattacks in 2022; and the worst is yet to come. It is estimated that more than 1.000 cyberattacks per organisation take place throughout the universe, which is 38% more than 2021. In Europe in particular, the average number of attacks per target reached 1.000, with an increase of 26% when compared to 2021.

Continue reading