Introduction 

COMPACT aims to empower Local Public Administrations (LPAs) to become the main actors of their cyber-resilience improvement process.

The key objectives of COMPACT are to

1. increase awareness, skills and protection;
2. foster information exchange between European LPAs;
3. link LPAs to major EU initiatives, including the newly created cyber-security PPP.

COMPACT is starting from the best existing systems, frameworks, and prototypes developed in other projects or selected among existing open source software. Solutions are tailored and extended in order to fulfil user requirements and implement the COMPACT services, which in turn will be integrated into the COMPACT system.

Who is the project designed for? 

COMPACT is targeted maily at Local Public Administrations (LPAs) as direct users. Clearly this includes that citizens and all stakeholders (such as service providers, procurement actors, etc.) involved with such LPAs will also benefit from the project.

COMPACT sets out to improve cybersecurity for these stakeholders and individuals by addressing the specifics of LPAs and specially focusing on the risk of human error, not always effectively dealt with by most technological solutions affordable to LPAs. Often, due to their size and budget constraints, these organisations are not able to implement highly granular organisational structures, to retain dedicated information personnel, and to invest in cybersecurity products and services. COMPACT responds to this need by offering risk assessment and monitoring tools as well as innovative training and information sharing services based, for example, on gamification approaches.

COMPACT also addresses this market by proposing a value proposition intended to offer intuitive interfaces which are easy to use and learn for users who are not necessarily technical experts and at the same time optimised in order to improve the level of protection of LPAs against most relevant threats while also being cost effective.

How is your project benefitting the end-user?

COMPACT is specially focusing on the human factor in cybersecurity. The current key issues which COMPACT will be able to address are:

1. Overlooking the human element is the most common mistake in cyber security.
2. The Internet has been opening new opportunities for LPAs to improve their efficiency while providing better services to citizens.
3. LPAs are becoming an attractive target for cybercriminals, who might access personal data or gain control over smartly operated city resources.
4. The consequences of cyber-threats can be considerable, significantly impacting both individuals and organisations.

Users from local public authorities will benefit from the training and information sharing services that will allow them to learn how to identify cyber threats in their daily work and to reduce risky behaviour. This will be achieved through an innovative gamification approach based on psychological studies in 5 European municipalities: Betrieb für Informationstechnologie Bremerhaven (Germany), Afragola and Bologna (Italy), Donostia San-Sebastián (Spain), and Amadora (Portugal).

Combined with risk assessment and monitoring tools, these services will be part of an integrated approach featuring applicability, usability, automation, and flexibility. Focusing on functionality and easy-to-use interface the COMPACT platform will be cloud-enabled and cloud-ready, enhancing the usability and user experience.

Please briefly describe the results your project achieved so far

COMPACT is approaching its first year, during which the main innovation foundations for the project have been set out. Given the importance of the human factor in COMPACT, a specific work on psychological factors involved in cyber-security has been carried out as well as a work on community models which aimed to study the best community involvement approaches to be used.

At the same time partners conducted an extensive technology review about key technologies involved in the COMPACT ecosystem such as security services, threat intelligence tools, training and information sharing, gamification, and so on. In this period an extensive User Requirements analysis has also been carried out in order to fully capture the needs of COMPACT users and enable them to flow into the platform.
Therefore a set of specifications have been developed together with the first version of the actual platform architecture. Alongside the more technical activities a series of dissemination and communication actions have been carried out including launching the online and social presence for compact and communicating the project to relevant audiences.

What are the next steps for your project?

The next steps for the COMPACT project in the next period will be:

• Adaptation of existing components to LPAs needs identified through the user requirements and specifications activities.
• Creation of the contents for the gamified awareness and training.
• Definition of the COMPACT trials with the objective to validate the COMPACT platform by means of the use case applications against the requirements.
• Opening of the COMPACT Information Hub which will allow the community to exchange information, involve relevant stakeholders and stimulate interaction.

 COMPACT Project of the Week 25 February - 2 March 2019