The project is coordinated by Eviden teams in Romania and is made up of a consortium of 4 partners: Eviden in Romania, Atos in Spain, ISEP (Instituto Superior de Engenharia do Porto) and DNSC (Romanian National Cybersecurity Directorate).
The aim of the platform is to provide SOCs with critical information about threat actors and their Tactics, Techniques & Procedures (TTPs) and Indicators of Compromise (IoCs), thereby improving collaboration, efficiency, and proactivity in dealing with cyber-attacks.
By combining Eviden and ISEP's expertise in Detection & Response, the following main features will be provided:
- Data analytics platform: This will be used by SOCs to detect, investigate, and respond to cyber security threats in a fast and efficient way. The platform will be built using modern technologies to be stable, scalable, and responsive.
- Network Traffic Analysis (NTA): The detection of malicious activities in networks is one of the most common cybersecurity problems. NTA monitors network activity to detect malware or abnormal network-level traffic.
- Host Intrusion Detection Service (HIDS): Extended host-based intrusion detection for multiple platforms including Linux, Windows and Mac will be developed. The solution provides advanced detection capabilities to detect malicious activities such as rootkits and malware affecting servers and workstations.
- AI-driven analytics: Traditional SIEM-based security solutions cannot detect complex, targeted, or unknown attacks. Also, they lack efficiency when it comes to analyzing a high volume of varied data. In response, using AI for data analysis will provide superior detection and will defend against next generation cyberattacks.
Eviden will coordinate the Threat Intelligence capabilities to achieve:
- Threat Intelligence Sharing: provide secure data sharing and synchronization of events among various entities. It will be able to automatically synchronize events and attributes among different instances.
- Threat Intelligence Enrichment: use Threat Intelligence correlation to find and investigate relationships between various threat elements and attributes such as malware, attack campaigns or threat actors.
- Sighting support: the ability to alert other companies and agencies when an indicator is present on a system or network allows SOC teams to be more proactive when facing cyber-attacks.
- Rapid distribution: support rapid deployment of signatures and countermeasures across various entities. It will allow services and applications to gather granular indicators which may be enforced by the security controls across entities.
Diana Sipos, Country Manager Romania, Eviden, Atos Group: “The number of threats and their complexity have increased exponentially as the adoption of new technologies emerges and cybercriminals become more organized. We are proud that our expertise has been recognized by the ECCC, and that we have been selected as the coordinator of CYDERCO, to fight cyber threat on a European level.”
Alex Rusandu, BDS Global Product Director and CyberSec Services External Funding Head, at Eviden, Atos Group: “Eviden will leverage its expert knowledge in Incident Response and Threat Intelligence, its global services and solutions in cybersecurity covering areas such as emergency incident response and managed detection and response, as well as its patented, battle-tested cybersecurity technologies tailored to meet CYDERCO's specific requirements.”
Dan Cîmpean, Director of the Romanian National Cyber Security Directorate: “The CYDERCO project marks a progressive move toward bolstering cybersecurity resilience within the European Union, introducing novel dimensions that promote the evolution of the ecosystem across public and private sector.”
Isabel Praça, Coordinator Professor at ISEP and Senior Researcher at GECAD, and CYDERCO Coordinator: “The CYDERCO project is strategic for the ISEP/GECAD team, as it builds on the work completed during the SATIE and SeCoIIA H2020 projects to achieve high maturity in the solutions developed for SOC analysts. The consortium is highly significant to us, allowing us to collaborate with partners from two different countries, two leading companies, Eviden in Romania and Atos in Spain, which are both recognized leaders in the field. Additionally, we have the privilege of having DNSC as an end-user to test and validate our work in a real-world environment.”
Rodrigo Diaz Rodriguez, Head of Cybersecurity Laboratory, Atos Spain: “CYDERCO will represent a pivotal advancement in fortifying cybersecurity resilience within the EU. Its sophisticated functionalities for threat detection and information sharing will mark a significant stride towards fostering a collaborative ecosystem between public and private entities.”
The project has a duration of 36 months, starting October 1, 2023, and a total budget of €2,881,082, with a funding rate of 50% of the eligible costs of the action. The project consortium is made up of 4 partners from 3 European countries and provides a mix of large industrial entities (Eviden Technologies Romania and Atos Spain), an academic institution (ISEP), and a public sector and technology transfer institution (DNSC). They have well-defined complementary expertise and roles that address the crucial needs to generate high-value outcomes. The partners are well positioned to cooperate and collaborate to respond to the technological challenges of CYDERCO, combining technological and scientific know-how, industrial and end user perspective, as well as business and market insight. The partners have all the expertise required for the successful completion of the CYDERCO project.
October 1st marks an important milestone of the project: 1 year of hard work. During this time, several deliverables were successfully completed such as the Project Handbook, Stakeholders Analysis, Pilot Definition, Platform Design, and the Dissemination and Communication Plan.