Attacks against critical infrastructures can have significant impact and cause material and financial losses. An attack against an electricity network, made in December 2016 in Ukraine, caused a major blackout, a type of event with an estimated average cost of 20 million euros per hour. The Innovation Activity of EIT Digital is developing a cloud-based Security Operations Center for detecting and responding to attacks made against critical infrastructures.
The EIT Digital 'Security Operations Center for Critical Infrastructures' Innovation Activity focuses on protecting critical infrastructures against so-called advanced persistent threats. These threats are executed over a long period of time by skilled attackers with significant resources at their disposal.
Dr. György Dán, Associate Professor at the Swedish KTH Royal Institute of Technology and the leader of this EIT Digital Innovation Activity, said: "Our mission is to provide improved resilience for critical infrastructures and for society in general against cyber-attacks. This can be achieved through developing a cloud-based security operations centre - SOC - as a service and a corresponding business model for selling it. The SOC's customers are operators of various critical infrastructures, such as communications, energy, heat, water and gas. The service will be integrated in the existing operations and offerings of the EIT Digital partners participating in this innovation activity."
Typically, the attackers try to execute their attacks in a way that the true cause of the infrastructure malfunction cannot be detected. The Security Operations Center helps to reveal an attack before it reaches its goal, and will inform the client within 30 minutes after detecting the attack.
Dr. Dán continued: "The SOC will improve the detection capability by collecting in real-time log data from legacy devices, analysing streaming data and making security sensors more resilient against attacks. The response capability is further improved as the Security Operations Centre personnel is able to collect log data on demand for the root cause analysis and forensics after the attack is detected."
Because the Security Operations Center is provided as a service, the infrastructure operator gets access to state-of-the-art threat intelligence, the latest computing technologies and the expertise of a team of cyber security experts for continuous threat protection.
The Security Operations Center for Critical Infrastructures Innovation Activity is one of the 13 Innovation Activities of the Digital Infrastructure action line of EIT Digital for 2017. The Digital Infrastructure action line focuses on enabling digital transformation by providing secure, robust, responsive, and intelligent communications and computation facilities for the markets.
EIT Digital Innovation Activities deliver new products or services, create startups and spinoffs to commercialise outputs from projects, and encourage the transfer of technologies for market entry.
About EIT Digital
EIT Digital is a leading European open innovation organisation that brings together a partnership of over 130 top European corporations, SMEs, start-ups, universities and research institutes. EIT Digital invests in strategic areas to accelerate market uptake of research-based digital technologies and to bring entrepreneurial talent and leadership to Europe.
EIT Digital is a Knowledge and Innovation Community of the European Institute of Innovation and Technology (EIT). EIT Digital headquarters are in Brussels with co-location centres in Berlin, Budapest, Eindhoven, Helsinki, London, Madrid, Paris, Stockholm, Trento and a hub in Silicon Valley.