The main vehicle for exploitation of the CS-AWARE-NEXT project results (and thus the project’s pathways to impact) is the CS-AWARE Corporation, which intends to bring the project results to the market in the context of the CS-AWARE cybersecurity awareness and management platform. For further dissemination of project results, academic partners have interest in creating educational and research impact, while SMEs and industry partners have interest in advancing technological achievements and advancing the market introduction of project results.
CS-AWARE caters to two target markets: The NIS (Network and Information Security) sector market and the LPA (Local Public Administration) market. We have identified over one million European companies operating in the critical and important sectors defined by the NIS/NIS2 directive. According to Eurostat, there are around 96.000 European LPAs. This equals a serviceable available market (SAM) of around 1,1 million organizations, building the baseline for our assumptions of scale for the outcome/impact of each individual contribution below.
Regarding the significance, it is exceptionally hard to derive a baseline assumption for quantifying improvements in the context of cybersecurity R&I. To the best of our knowledge, there are no studies available that would enable one to quantify specific aspects of cybersecurity, or the collaborative European cybersecurity framework. A recent ENISA study on NIS investments provides some interesting quantified insights into the state of NIS implementation in relevant European companies, but does not provide the means to derive a baseline against which the significance of CS-AWARE-NEXT contributions could be quantified, other than the statement that “82% of surveyed organisations acknowledge a positive impact of the NIS Directive on their security program”. Furthermore, the annual Accenture cost of cybercrime report provides interesting insights on potential cost savings (especially highlighting the potential in the context of threat intelligence, AI and user behaviour analytics), but this does not provide a relevant benchmark basis for improvements introduced by CS-AWARE-NEXT either. While CS-AWARE-NEXT is addressing the issue of the paucity of quantifiable data relating to cybersecurity by proposing a dynamic profiling and benchmarking framework (Objective 6) that is applicable to the fast-changing cybersecurity environment, we cannot rely on this framework yet to provide a sensible quantification of significance. We therefore derive our significance estimates from the perspective of an informed and expert judgement, based on the work and the validation results of the CS-AWARE project. This enables us to postulate an informed, and we believe, realistic estimate of improvement potential.
Unique contribution 1: Improved organisational policy support for dynamic cybersecurity management
Description: A cybersecurity policy management framework for organizations that is able to deal with the dynamic and fast-changing cybersecurity requirements, and integrates with the cooperative/collaborative efforts of the European collaborative cybersecurity framework. It has the potential for significantly improving the cybersecurity of organizations (including intra-departmental and supply chain considerations) and to significantly reduce the success and impact of cyberattacks on organizations and their supply chains. It does this by enabling the operationalisation of tasks related to cybersecurity risk and incident management in an effective and efficient way (e.g. self-healing, disaster recovery, business continuity, preparedness, information sharing, collaboration, …), contributing to the listed impacts.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
Mid-term impact:
- Advanced self-healing disaster recovery and effective business continuity in critical sectors (e.g. energy, transportation, health)
- Enhanced mechanisms for exchange of information among relevant players
- Better disaster preparedness against possible disruptions, attacks and cascading effects
- Better business continuity covering two or more sectors
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The cybersecurity policy framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the policy framework (CS-AWARE platform).
- Societal: The societal impact of the cybersecurity policy management framework is expected to be an increase in cybersecurity in general through the widespread use by individual organizations, and the concomitant broadening and deepening of the understanding of cybersecurity issues by those who work in those organisations.
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Efficiency and effectiveness of cybersecurity management increased by 60% in target organizations
Unique contribution 2: Improved cooperation/collaboration on the local/regional level and its inclusion in the multi-level European collaborative cybersecurity framework
Description: Improved strategic and coordinated cooperation/collaboration on the local/regional level is currently missing in the multi-level European cybersecurity efforts, and has the potential for significant outcomes and impacts in this context (including the ability to better address cascading supply chain issues). It contributes to all expected outcomes listed in the call topic, and most of the impacts listed in the work programme destination by providing an environment for collaborating on cybersecurity issues that go beyond organizational boundaries.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
- Industry associations/LPAs for managing local/regional collaboration
- Competent authorities/CSIRTs for link to multilevel cybersecurity collaboration
Mid-term impact:
- Advanced self-healing disaster recovery and effective business continuity in critical sectors (e.g. energy, transportation, health)
- Enhanced mechanisms for exchange of information among relevant players
- Better disaster preparedness against possible disruptions, attacks and cascading effects
- Better business continuity covering two or more sectors
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The cooperative/collaborative framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the cooperative/collaborative framework (SPOD and CS-AWARE platforms)
- Societal: The societal impact of increased cybersecurity collaboration is expected to be an increase in cybersecurity in general through the generation of shared situational awareness.
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Efficiency and effectiveness of cybersecurity collaboration increased by 80% in target organizations
Unique contribution 3: Enable the use of threat intelligence and other relevant dynamic cybersecurity data (e.g. social media) in operational cybersecurity risk and incident management
Description: Threat intelligence is available in increasing volumes, not least due to the information shared in the context of the collaborative European cybersecurity framework. It’s use in operational cybersecurity risk and incident management is still hindered by the lack of operational tool support to be able to effectively and efficiently handle the large volumes of data continuously provided via threat intelligence. The AI based data collection and correlation engine provided by CS-AWARE-NEXT for this context has the potential for significant outcomes and impacts for dynamic cybersecurity management. It relates to most outcomes listed in the call topic, and the majority of impacts listed in the work programme destination.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
- Competent authorities/CSIRTs for link to multi-level cybersecurity (data providers)
Mid-term impact:
- Advanced self-healing disaster recovery and effective business continuity in critical sectors (e.g. energy, transportation, health)
- Better disaster preparedness against possible disruptions, attacks and cascading effects
- Better business continuity covering two or more sectors
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The AI based data collection and correlation framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the AI based data collection and correlation framework (CS-AWARE platform)
- Societal: The societal impact of increased use of threat intelligence and other relevant cybersecurity data is expected to be an increase in cybersecurity in general through more effective and efficient cybersecurity management capabilities.
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Cybersecurity awareness and management capacity raised by 80% in target organizations
Unique contribution 4: Improved disaster recovery, business continuity and system self-healing for dynamic cybersecurity risk and incident management
Description: Disaster recovery and business continuity that is able to operate in a dynamic way and bring traditional risk management tasks closer to the operational day-to-day incident management (including integration with system self-healing engines) has the potential for significant outcomes and impacts in this context. It relates to most outcomes listed in the call topic, and the majority of impacts listed in the work programme destination.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
Mid-term impact:
- Advanced self-healing disaster recovery and effective business continuity in critical sectors (e.g. energy, transportation, health)
- Better disaster preparedness against possible disruptions, attacks and cascading effects
- Better business continuity covering two or more sectors
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The dynamic disaster recovery and business continuity framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the disaster recovery and business continuity framework, including its operational integration with cybersecurity management and system self-healing (CS-AWARE platform)
- Societal: The societal impact of increased disaster recovery and business continuity capabilities is expected to be an increase in cybersecurity in general through increased and more effective/efficient response capabilities.
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Operational capability of disaster recovery/ business continuity/ self-healing increased by 60% in organizations
Unique contribution 5: Improved cybersecurity evidence collection and information sharing to connect organizations and local/regional level with multi-level European collaborative cybersecurity framework
Description: The ability to collect dynamic evidence of cybersecurity incidents from organizations and local/regional networks in an efficient and effective manner is crucial to the ability of relevant communities like competent authorities/CSIRTs to produce threat intelligence and thus to the success of the European collaborative cybersecurity framework. The CS-AWARE-NEXT contributions in this context have the potential for very significant outcomes and impacts. CS-AWARE-NEXT specifically addresses both the outcomes relating to enhanced information sharing mechanisms and better disaster preparedness (through increased information sharing) listed in the call topic, and moreover, the majority of the impacts listed in the work programme destination.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
- Competent authorities/CSIRTs for link to multi-level cybersecurity (data consumers)
Mid-term impact:
- Enhanced mechanisms for exchange of information among relevant players
- Better disaster preparedness against possible disruptions, attacks and cascading effects;
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The information sharing framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the information sharing framework (CS-AWARE platform)
- Societal: The societal impact of increased cybersecurity information sharing is expected to be an increase in cybersecurity in general through the ability to create threat intelligence more efficiently and at higher volumes.
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Threat intelligence capability produced by relevant authorities raised by 60% Information exchange capability increased by 90% in target organizations
Unique contribution 6: A KPI-based benchmarking and profiling framework to achieve shared situational awareness between individual organizations and other levels of the multi-level European cybersecurity framework
Description: Benchmarking and profiling in the context of cybersecurity management is traditionally highly individual and depends on the organizational context. There is currently no benchmarking and profiling approach available that allows to assess an organization against the baseline derived from other levels of the multi-level European cybersecurity framework, and the contribution has therefore a significant potential for outcomes and impacts in this context, providing organizations with quantifiable data of their security status and potential for improvement. This relates to the outcomes listed in the call topic concerning enhanced information sharing mechanisms and better preparedness. It relates on one way or another to all impacts listed in the work programme destination, including quantifiable security assurance.
Target group:
- Small, medium and large-sized (NIS sector/public) organizations
Mid-term impact:
- Enhanced mechanisms for exchange of information among relevant players
- Better disaster preparedness against possible disruptions, attacks and cascading effects
Long-term impact:
- Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
- More resilient digital infrastructures, systems and processes
- Increased software, hardware and supply chain security
- Secured disruptive technologies
- Smart and quantifiable security assurance and certification shared across the EU
- Reinforced awareness and a common cyber security management and culture
Type of outcome/impact (scientific, economic/technological, societal):
- Scientific: The benchmarking and profiling framework - academic dissemination and standardization potential.
- Economic/technological: A reference implementation of the benchmarking and profiling framework (CS-AWARE platform)
- Societal: The societal impact of benchmarking and providing is expected to be an increase in cybersecurity in general through the ability to better assess and improve the security state of individual organizations
Scale and significance of project’s contributions, including quantified estimates
Scale: 10% reach in the target market (110.000 organizations) in 10 years through CS-AWARE platform
Significance: Shared multi-level situational awareness raised by 100% in target organizations