Critical infrastructures (CIIs) and Information and Communication Technology (ICT) systems face a rise of cyber security threats, both in scale and sophistication. These cyber-attacks are expected to have a growing negative economic and societal impact in the next decade and should therefore be considered as global risks. Furthermore, as the number of cyber-threats and ingenuity of attackers is growing, more highly skilled cyber-security professionals are needed by the industry. To this end, cyber-security education and training are becoming more and more relevant, as potentially the only way in which such cyber-incidents can be prevented and handled adequately.
The FORESIGHT project aims to develop a federated cyber-range solution to enhance the preparedness of cyber-security professionals at all levels and advance their skills towards preventing, detecting, reacting and mitigating sophisticated cyber-attacks. This is achieved by delivering an ecosystem of networked realistic training and simulation platforms that collaboratively bring unique cyber-security aspects from the aviation, smart grid and naval domains. The proposed platform will extend the capabilities of existing cyber-ranges and will allow the creation of complex cross-domain/hybrid scenarios to be built jointly with the IoT domain.
Emphasis is given on the design and implementation of realistic and dynamic scenarios that are based on identified and forecasted trends of cyber-attacks and vulnerabilities extracted from cyber-threat intelligence gathered from the dark web; this will enable cyber-security professionals to rapidly adapt to an evolving threat landscape.
The development of advanced risk analysis and econometric models will prove to be valuable in estimating the impact of cyber-risks, selecting the most appropriate and affordable security measures, and minimising the cost and time to recover from cyber-attacks. Innovative training curricula, guiding cyber-security professionals to implement and combine security measures using new technologies and established learning methodologies, will be created and employed for training needs; they will be linked to professional certification programs and be supported by learning platforms.
Aside from the development of skills, the project aims at a holistic approach to cyber-threat management with the ultimate goal of cultivating a strong security culture. As such, the project puts considerable emphasis on research and development (i.e. research on cyber-threats, development of novel ideas, etc) as the key to increasing training dynamics and awareness methods for exceeding the rate of evolution of cyber-attackers.
H2020 SEC, DS, 2019-2022