wiser: the european innovative framework on cybersecurity

WISER “WIDE-IMPACT CYBER SECURITY RISK FRAMEWORK” www.cyberwiser.eu @cyberwiser

Co-funded by the European Commission Horizon 2020 – Grant # 653321

WISER: the European innovative framework on cybersecurity

March 2016

1

http://www.cyberwiser.eu/

Summary

What is WISER? WISER is a European collaborative Innovation Action that puts cyber-risk management at the very heart of good business practice.

Started on June 1st 2015, by 2017 WISER will provide a cyber-risk management framework able to assess, monitor and mitigate the risks in real-time, in multiple industries.

Who stands to benefit? SMEs

Financial insurance

Critical Infrastructure organisations or highly complex cyber systems

Cyber secure, innovative smart energy providers

Who is involved? Six European Partners collaborating

2 WISER presentation to ENISA, March 2016 © WISER 2016 www.cyberwiser.eu - @cyberwiser

Cybersecurity: A raising concern

1,673 reported data breaches in 2015, which resulted in more than 707.5 million records being compromised worldwide.

The British insurance company Lloyd’s estimates that cyber attacks cost businesses as much as $400 billion a year

Malware attacks in 2015 nearly doubled to reach up to 8.19 billion, from 4.2 billion in 2014

41% of IT personnel admitted to not following the same security protocols they are expected to enforce

1 in 8 legitimate websites have a critical vulnerability

Some figures on cybercrime

Despite the relevance of the threat, awareness on cybersecurity is still low. Affordable solutions, especially for SMEs, are yet to be seen on the market.


The WISER perimeter & positioning

The goal of WISER is to deliver solutions that require less consultancy to perform cybersecurity assessment & improvements, through innovative methodologies

WISER has a high level innovation potential and commits its resources also to create awareness & a global cybersecurity culture

Combining risk management (in real-time!) with security techniques

Interesting services

Attention to SMEs

The online component

The RPS delivery model

Sustainability


Innovation elements brought in by WISER

It is not simply about monitoring cyber incidents, it is about assessing the risks present within a company The risk assessment considers the potential damage to the ICT infrastructure and the damage to the business of the company, including various aspects, such as reputational implications – a multi-level assessment This risk evaluation evolves with the rapid dynamics that are inherent with the cyber “climate” This evaluation is performed by means of a novel methodology, to be elaborated in the project Modelling cyber risk, using patterns Definition of mitigation measures according to the threats and attacks and ranking based on different criteria Ultimate goal: Make cyber risk assessment affordable, especially to SMEs

Going beyond the state of art


How does it work?

Cyber risk assessment follow-up

Monitoring: events and alarms detection and follow-up

Testing: vulnerabilities scanning and follow-up

Modelling

Decision Support

The WISER framework delivers capabilities that are unparalleled with respect to current offering. SMEs are enticed by means of “freemium”

services (i.e. the “CyberWISER-Light”)

Innovative capabilities and features

Basic and detailed visualization of reports Graphic dashboard with analytical features Configurable alerts Periodical execution of vulnerability scans Basic and detailed information of vulnerabilities found Assistance to derive model rules from risk models Assistance to decide the most suitable risk model according to the business and ICT profile of the company Cost-benefit analysis of mitigation measures Quality Criteria Assessment of risks


WISER’s workplan

Main services that will be delivered

Milestone Description Date Beneficiaries

First concrete WISER tool Includes user-friendly approach to increase awareness through self assessment

Online from March 2016

SMEs, General public

Pre-packaged solution for real time risk assessment

Delivered by December 2016

SMEs and ICT systems in general

On-demand services for real time and cross-system assessment of vulnerabilities and threats

Delivered by December 2016

Critical infrastructure or highly complex cyber

systems


WISER will come in a 3-level service range, to impact on the broadest audience possible

Registration and basic data required to Clients

WISER tests vulnerabilities from the outside

Provides basic benchmarking

Detailed business and IT infrastructure data required

Model selection based on WISER suggestion or tailored

Sensors installation at the network layer level

Real time exposure calculation

Monitoring Mitigation options

considered WISER team limited support

Detailed business and IT infrastructure data required

Possibility to implement Client’s models

Possibility to perform cost/benefit analysis on the base of Client’s indications

Sensors installation at the application layer level

Required Interaction

Real time exposure calculation Monitoring Mitigation cost benefit

calculations WISER team full involvement

Complexity of WISER Operating Model


Cyberwiser-light: A self assessment tool for SMEs

It’s the first and most “democratic” tool produced by WISER

Goals: Provide a very first approach to the cybersecurity problem to a large variety of companies with no experience or awareness in the field

Provide a very crude, and yet relevant, picture of the company situation with respect to cyber climate

Minimum time investment by the end-user

Report generated from two different domains: Business and ICT profile of the company

Vulnerabilities detected

Algorithm producing reports reflecting How the company profile influences its cyber risk situation

How the vulnerabilities detected impact the business of the company.

Online from March 2016, accessible for free on www.cyberwiser.eu


http://www.cyberwiser.eu

WISER’s Early Assessment Pilots (EAPs)

Our “early customers” are from different backgrounds

SMEs IT Providers

Verticals Public Authority


Design: WISER Framework schema

The WISER framework manages to combine risk assessment with cybersecurity best practice techniques, and it does so in real-time

The logical blocks of the framework include a risk assessment engine and a decision support system


Cyber risk assessment @ WISER & the iterative process with the end-user

Cyber Risk Assessment

Report Algorithm Interpreter (mapping)

Target infrastructure

Vu

lner

abili

ties

(t

esti

ng)

Even

ts /

Ala

rms

(mo

nit

ori

ng)

Business and ICT profile information

Inputs

Risk model (model rules)

Mo

del

(R

1,R

2,…

, Rn

)

RA 1, M1

RA 2, M2

RA n, Mn

Decision-maker

assistant

Comparison and ranking of mitigation measures


Mitigation measures are provided to the end-user, who can repeat the analysis to verify effectiveness of measures implemented.

Conclusions & next steps proposed for ENISA

WISER is building on some of the indications of NIS and is already benefiting from having received clarifications from ENISA in a first conference call

WISER would like to maintain a continuously “open line” with ENISA, to benefit from ENISA’s strategic indications along the lines of cybersecurity

WISER would like propose to schedule a conference call with ENISA next May to comment on the early feedback from the European end-users of the new online service proposed by WISER to SMEs (“cyberwiser-light”)


www.cyberwiser.eu @cyberwiser

Thank you for your attention! Questions?

Contact Antonio Álvarez Romero Technical Coordinator Atos Spain SA [email protected]

Contact Stephanie Parker Communication Manager Trust-IT Services Ltd [email protected]

http://www.cyberwiser.eu/

wiser: the european innovative framework on cybersecurity

Technology