PROTECTIVE | Proactive Risk Management through Improved Cyber Situational Awareness

Summary
PROTECTIVE is designed to improve an organisations ongoing awareness of the risk posed to its business by cyber security attacks. PROTECTIVE makes two key contributions to achieve this enhanced situational awareness. Firstly it increases the computer security incident response team’s (CSIRT) threat awareness through improved security monitoring and increased sharing of threat intelligence between organisations within a community. Secondly it ranks critical alerts based on the potential damage the attack can inflict on the threatened assets and hence to the organisations business. High impact alerts that target important hosts will have a higher priority than other alerts. Through the combination of these two measures organisations are better prepared to handle incoming attacks, malware outbreaks and other security problems and to guide the development of the prevention and remediation processes.
The PROTECTIVE system is designed to provide solutions for public domain CSIRTs and SME’s who both have needs outside the mainstream of cyber security solution provision. Public CSIRTs needs arise in part because commercial tools do not address their unique requirements. This has created a shortfall, clearly articulated by ENISA, of tools with the required analytical and visualisation capabilities to enable public CSIRTs provide optimised services to their constituency. SME’s also are vulnerable to cybercrime as they have limited resources to protect themselves and often a limited understanding of what needs to be done. Two pilots will be conducted to evaluate and validate the PROTECTIVE outcomes with CSIRTs from 3 National Research and Educational Networks (NRENs) and with SMEs via a managed security service provider (MSSP).
The PROTECTIVE consortium is constituted of 3 NRENs, 3 academic and four commercial partners from 8 countries so as to maximise the technical and commercial impact of the outputs and the dissemination and uptake of the results.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: https://cordis.europa.eu/project/id/700071
Start date: 01-09-2016
End date: 31-08-2019
Total budget - Public funding: 4 693 612,50 Euro - 4 160 596,00 Euro
Cordis data

Original description

PROTECTIVE is designed to improve an organisations ongoing awareness of the risk posed to its business by cyber security attacks. PROTECTIVE makes two key contributions to achieve this enhanced situational awareness. Firstly it increases the computer security incident response team’s (CSIRT) threat awareness through improved security monitoring and increased sharing of threat intelligence between organisations within a community. Secondly it ranks critical alerts based on the potential damage the attack can inflict on the threatened assets and hence to the organisations business. High impact alerts that target important hosts will have a higher priority than other alerts. Through the combination of these two measures organisations are better prepared to handle incoming attacks, malware outbreaks and other security problems and to guide the development of the prevention and remediation processes.
The PROTECTIVE system is designed to provide solutions for public domain CSIRTs and SME’s who both have needs outside the mainstream of cyber security solution provision. Public CSIRTs needs arise in part because commercial tools do not address their unique requirements. This has created a shortfall, clearly articulated by ENISA, of tools with the required analytical and visualisation capabilities to enable public CSIRTs provide optimised services to their constituency. SME’s also are vulnerable to cybercrime as they have limited resources to protect themselves and often a limited understanding of what needs to be done. Two pilots will be conducted to evaluate and validate the PROTECTIVE outcomes with CSIRTs from 3 National Research and Educational Networks (NRENs) and with SMEs via a managed security service provider (MSSP).
The PROTECTIVE consortium is constituted of 3 NRENs, 3 academic and four commercial partners from 8 countries so as to maximise the technical and commercial impact of the outputs and the dissemination and uptake of the results.

Status

CLOSED

Call topic

DS-04-2015

Update Date

27-10-2022
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all
Horizon 2020
H2020-EU.3. SOCIETAL CHALLENGES
H2020-EU.3.7. Secure societies - Protecting freedom and security of Europe and its citizens
H2020-EU.3.7.0. Cross-cutting call topics
H2020-DS-2015-1
DS-04-2015 Information driven Cyber Security Management