Objective #1
Enhance and deploy continuous monitoring systems that provide visibility across infrastructures, so that cyber threats, vulnerabilities, and anomalies are detected in a timely and effective manner.
- Provide AI-driven tools that can analyse network behaviour, detect deviations from normal activity, and provide actionable risk assessments in near real-time.
- Monitoring systems will enable organisations to maintain an ongoing, proactive approach to cybersecurity by constantly assessing and detecting potential threats.
- Ensure that critical infrastructures remain resilient, adapting to the continuous changes of the cyber threat landscape and maintaining their preparedness.
Objective #2
Leverage AI for automating the detection, assessment, and prioritisation of cyber threats and vulnerabilities in critical infrastructures.
- Use AI-enhanced tools to enable near real-time identification of emerging threats, ensuring faster and more accurate response times and reducing the window of exposure to potential attacks.
- Enhance the ability to assess the severity and impact of vulnerabilities, fostering threat mitigation and increasing preparedness against attacks.
- Deploy trusted, explainable AI techniques to further facilitate the analysis and interpretation of the results and compliance with regulatory requirements.
Objective #3
Integrate timely Cyber Threat Intelligence (CTI) feeds into the CIRCAT solution to simulate and address emerging threats.
- Provide the details required for a dynamic, realistic testing environment in which to produce defensive mechanisms and strategies against the latest cyber threats and vulnerabilities in critical sectors.
- Allow for continuous and accurate threat simulation, helping organisations to anticipate and prepare for new attack vectors while improving their incident response capabilities.
- Facilitate the development of more targeted, data-driven security training scenarios based on current threat landscapes.
Objective #4
Provide tailored, realistic and comprehensive penetration testing scenarios to assess vulnerabilities. The scenarios will cover a range of assets, including Networks, Applications, Virtualisation solutions, Industrial Control Systems (ICS), Internet of Things (IoT) environments, etc.
- Test the resilience of large industrial operations and installations against contemporary threats in real-world situations by simulating advanced, sophisticated cyberattacks.
- Identify security gaps and evaluate defence mechanisms that can enhance incident response capabilities by incorporating advanced attack techniques such as supply chain threats and lateral movement strategies.
- Analyse sector-specific threats, assess potential impacts of attacks, and provide appropriate and relevant mitigation recommendations by developing customised risk scenarios.
- Strive to strengthen cyber preparedness through proactive testing, ensuring robust security measures, regulatory compliance, and continuous improvement against evolving threats.
Objective #5
Provide a scalable network of Cyber Ranges (CRs) to simulate advanced cyberattack scenarios and risk assessment across various critical infrastructure sectors.
- The CR environment will be able to host complex and realistic scenarios, including scenarios with cascading effects in cross-border incidents. These scenarios will be used in meaningful exercises to train employees of organisations, so that they obtain a better understanding of the operational needs of an incident and improve their preparedness and response.
- The secure environment of the deployed CRs will support detailed and realistic simulation of exercises that address novel threats and vulnerabilities. This will enhance response times and foster a deeper understanding of the evolving threat landscape, ensuring that participants are trained to make informed decisions and respond effectively to advanced, persistent attacks, even in cross-border scenarios.
Objective #6
Establish a collaborative environment that enables EU Member States and other relevant stakeholders to engage in joint cybersecurity exercises to increase coordination and collaboration, even in cases of cross-border cyber threats.
- Facilitate seamless communication and information sharing among entities in different states to enable the coordination of responses to cyber risks that trigger cascading effects across organisations and borders.
- By conducting joint exercises, stakeholders will simulate complex incidents of cyberattacks that impact multiple sectors or countries, improving the collective ability to manage and mitigate widespread threats in widened threat landscapes.
- Increase collaboration to strengthen the resilience of all involved parties and to increase the effectiveness and swiftness of responses to cross-border cyber incidents.