WISER “WIDE-IMPACT CYBER SECURITY RISK FRAMEWORK” www.cyberwiser.eu @cyberwiser
Co-funded by the European Commission Horizon 2020 – Grant # 653321
WISER: the European innovative framework on cybersecurity
March 2016
Summary
What is WISER? WISER is a European collaborative Innovation Action that puts cyber-risk management at the very heart of good business practice.
WISER started on June 1st 2015; by 2017 it will provide a cyber-risk management framework able to assess, monitor and mitigate risks in real time, in multiple industries.
Who stands to benefit? SMEs
Financial insurance
Critical Infrastructure organisations or highly complex cyber systems
Cyber secure, innovative smart energy providers
Who is involved? Six European Partners collaborating
2 WISER presentation to ENISA, March 2016 © WISER 2016 www.cyberwiser.eu - @cyberwiser
Cybersecurity: A rising concern
Some figures on cybercrime
1,673 reported data breaches in 2015, which resulted in more than 707.5 million records being compromised worldwide.
The British insurance company Lloyd’s estimates that cyber attacks cost businesses as much as $400 billion a year.
Malware attacks in 2015 nearly doubled to reach up to 8.19 billion, from 4.2 billion in 2014.
41% of IT personnel admitted to not following the same security protocols they are expected to enforce.
1 in 8 legitimate websites has a critical vulnerability.
Despite the relevance of the threat, awareness of cybersecurity is still low. Affordable solutions, especially for SMEs, are yet to be seen on the market.
The WISER perimeter & positioning
The goal of WISER is to deliver solutions that require less consultancy to perform cybersecurity assessment & improvements, through innovative methodologies
WISER has high innovation potential and also commits its resources to creating awareness and a global cybersecurity culture
Combining risk management (in real-time!) with security techniques
Interesting services
Attention to SMEs
The online component
The RPS delivery model
Sustainability
Innovation elements brought in by WISER
It is not simply about monitoring cyber incidents, it is about assessing the risks present within a company
The risk assessment considers the potential damage to the ICT infrastructure and the damage to the business of the company, including various aspects, such as reputational implications – a multi-level assessment
This risk evaluation evolves with the rapid dynamics that are inherent in the cyber “climate”
This evaluation is performed by means of a novel methodology, to be elaborated in the project
Modelling cyber risk, using patterns
Definition of mitigation measures according to the threats and attacks and ranking based on different criteria
Ultimate goal: Make cyber risk assessment affordable, especially to SMEs
Going beyond the state of the art
How does it work?
Cyber risk assessment follow-up
Monitoring: events and alarms detection and follow-up
Testing: vulnerabilities scanning and follow-up
Modelling
Decision Support
The WISER framework delivers capabilities that are unparalleled with respect to current offerings. SMEs are enticed by means of “freemium” services (i.e. the “CyberWISER-Light”)
Innovative capabilities and features
Basic and detailed visualization of reports
Graphic dashboard with analytical features
Configurable alerts
Periodical execution of vulnerability scans
Basic and detailed information of vulnerabilities found
Assistance to derive model rules from risk models
Assistance to decide the most suitable risk model according to the business and ICT profile of the company
Cost-benefit analysis of mitigation measures
Quality Criteria Assessment of risks
WISER’s workplan
Main services that will be delivered
| Milestone | Description | Date | Beneficiaries |
| | First concrete WISER tool. Includes user-friendly approach to increase awareness through self assessment | Online from March 2016 | SMEs, General public |
| | Pre-packaged solution for real time risk assessment | Delivered by December 2016 | SMEs and ICT systems in general |
| | On-demand services for real time and cross-system assessment of vulnerabilities and threats | Delivered by December 2016 | Critical infrastructure or highly complex cyber systems |
WISER will come in a 3-level service range, to impact on the broadest audience possible

Registration and basic data required from Clients
WISER tests vulnerabilities from the outside
Provides basic benchmarking

Detailed business and IT infrastructure data required
Model selection based on WISER suggestion or tailored
Sensors installation at the network layer level
Real time exposure calculation
Monitoring
Mitigation options considered
WISER team limited support

Detailed business and IT infrastructure data required
Possibility to implement Client’s models
Possibility to perform cost/benefit analysis on the basis of Client’s indications
Sensors installation at the application layer level
Real time exposure calculation
Monitoring
Mitigation cost benefit calculations
WISER team full involvement

Diagram labels: Required Interaction; Complexity of WISER Operating Model
Cyberwiser-light: A self assessment tool for SMEs
It’s the first and most “democratic” tool produced by WISER
Goals:
Provide a very first approach to the cybersecurity problem to a large variety of companies with no experience or awareness in the field
Provide a very crude, and yet relevant, picture of the company situation with respect to cyber climate
Minimum time investment by the end-user
Report generated from two different domains:
Business and ICT profile of the company
Vulnerabilities detected
Algorithm producing reports reflecting:
How the company profile influences its cyber risk situation
How the vulnerabilities detected impact the business of the company.
Online from March 2016, accessible for free on www.cyberwiser.eu
WISER’s Early Assessment Pilots (EAPs)
Our “early customers” are from different backgrounds
SMEs
IT Providers
Verticals
Public Authority
Design: WISER Framework schema
The WISER framework manages to combine risk assessment with cybersecurity best practice techniques, and it does so in real-time
The logical blocks of the framework include a risk assessment engine and a decision support system
Cyber risk assessment @ WISER & the iterative process with the end-user
Diagram labels:
Cyber Risk Assessment: Report, Algorithm, Interpreter (mapping)
Target infrastructure
Inputs: Vulnerabilities (testing), Events / Alarms (monitoring), Business and ICT profile information
Risk model (model rules): Model (R1, R2, …, Rn)
RA 1, M1; RA 2, M2; RA n, Mn
Decision-maker assistant: Comparison and ranking of mitigation measures
Mitigation measures are provided to the end-user, who can repeat the analysis to verify effectiveness of measures implemented.
Conclusions & next steps proposed for ENISA
WISER is building on some of the indications of NIS and is already benefiting from having received clarifications from ENISA in a first conference call
WISER would like to maintain a continuously “open line” with ENISA, to benefit from ENISA’s strategic indications along the lines of cybersecurity
WISER would like to propose scheduling a conference call with ENISA next May to comment on the early feedback from the European end-users of the new online service proposed by WISER to SMEs (“cyberwiser-light”)
Thank you for your attention! Questions?
Contact: Antonio Álvarez Romero, Technical Coordinator, Atos Spain SA
Contact: Stephanie Parker, Communication Manager, Trust-IT Services Ltd