CyberSANE: Developing an innovative and novel system to protect Critical Information Infrastructures against cybercriminals

CyberSANE is designing and implementing an advacned, configurable and adaptabl, Security and Privacy Incident Handling system, towards security incident detection and handling, composed of five independent but collaborative components. These five components work together to improve, intensify and coordinate the overall security efforts for the effective and efficient identification, investigation, mitigation and reporting of realistic multi-dimensional attacks within the interconnected web of cyber assets in the CIIs and security events. CyberSANE will act as a catalyst for improving the innovation in cybersecurity capacity by increasing the privacy and the security of online healthcare, energy and transportation services through extensive piloting.

Luis Miguel Campos, PDMFC Group / Head of  Research and Development, and CyberSANE Project Coordinator.

The CyberSANE platform is based on a modular architecture with different layers, which on one side allow end-users to set up and tailor cybersecurity according to their needs, and on the other hand, hosts different tools that provide a significant set of services and features aiming to cover each specific goal of the CyberSANE components. Each functional area of these tools is integrated separately so the end-user can determine which one works best for them. Additionally, the platform can be extended with existing tools in order to offer more services and provide innovative approaches to new cyberthreats that target critical infrastructures at any phase.

Following this approach, the CyberSANE platform is versatile and robust enough to meet the cybersecurity needs of critical information infrastructures of different domains of applications, as it will be validated during the project on three different infrastructures: energy, healthcare, and maritime transportation.

Innovative contributions for future Horizon Europe and Digital Europe

The CyberSANE platform intends to be an innovative, knowledge-based, collaborative security and response dynamic system for critical infrastructures. Its main goal is to support all phases of the cyber incident handling lifecycle, increasing the agility of the security professionals and encouraging continuous learning among critical information infrastructures.

The CyberSANE system proposes an innovative architecture composed of five main components that address specific needs using different cybersecurity techniques through multiple tools: LiveNet (Live Security Monitoring and Analysis), DarkNet (Deep and Dark Web Mining and Intelligence), HybridNet (Data Fusion, Risk Evaluation and Event Management), ShareNet (Intelligence and Information Sharing and Dissemination), and PrivacyNet (Privacy & Data Protection Orchestrator).

CyberSANE poses a disruptive approach considering the whole lifecycle of a cyberattack and even goes a step further to identify sophisticated techniques used and acquired by cybercriminals on the Dark and Deep web. Thanks to this, we are able to provide end-users from different critical information infrastructures a robust system that will support them on the protection of their ICT infrastructures and therefore the suitable supply of services to citizens.

 Jose Francisco Ruiz, Project Manager at Atos Research and Innovation, and CyberSANE WP5 Leader – HybridNet component.

CyberSANE results will actively contribute to improve European critical infrastructures competitiveness in the global digital economy. This will allow Europe to achieve technological sovereignty through advanced and innovative technologies, which will support them on the whole lifecycle of an incident. CyberSANE is designed to cover different phases of a system, ranging from monitoring, identification of threats, and investigation, to mitigation and reporting of multi-dimensional attacks within the interconnected network of cyber assets used on their daily operations.

Moreover, the CyberSANE platform offers sharing capabilities among critical information infrastructures. This enhances and strengthens the collaboration and dissemination of useful incident-related information, allowing decision-makers and incident response professionals to better understand the technical aspects of cyberattacks and prepare accordingly against them.

To learn more about CyberSANE Project, stay tuned for more updates.