UBITECH is participating in the kick-off meeting, in Brussels, Belgium (January 16, 2019), of the SECONDO Marie Skłodowska-Curie Action, which officially started on January 1st, 2019. The project is funded by the European Commission under the Horizon 2020 Programme (Grant Agreement No. 823997) and spans the period January 2019 – December 2022. The SECONDO H2020 project aims to deliver a unique, scalable, highly interoperable Economics-of-Security-as-a-Service (ESaaS) platform that encompasses a comprehensive cost-driven methodology for: (i) estimating cyber risks based on a quantitative approach that focuses on both the technical and the non-technical aspects (e.g. users' behaviour) that influence cyber exposure; (ii) providing analysis for effective and efficient risk management by recommending optimal investments in cyber security controls; and (iii) determining the residual risks and estimating the cyber insurance premiums, taking into account the insurer's business strategy while eliminating the information asymmetry between the insured and the insurer. Thus, the SECONDO platform will establish a new paradigm in risk management for enterprises of various sizes, with respect to the GDPR framework, while enabling formal and verifiable methodologies for insurers that need to estimate premiums.
Within SECONDO, the UBITECH R&D team will design and develop the Quantitative Risk Analysis Metamodel (QRAM), which quantitatively estimates the exposed cyber risks, as well as the Risk Analysis Ontology and Harmonisation Module (RAOHM), in which all concepts of the SECONDO ecosystem (e.g. risk, threat, attack type, behaviour, exploitation impact) are formally represented, providing a description of concepts and relationships to be used during the formulation of the formal SECONDO ontology, a shared conceptualisation of terms that interrelate with each other. For example, the manifestation of a threat would relate to a set of attack types (e.g. spear-phishing). Moreover, UBITECH will deliver the Continuous Risk Monitoring Module (CRMM), which ensures that changes at the ontological level, e.g. new threats or updates to digital assets and risk priorities, are adequately propagated. CRMM will continuously assess the risk levels, including the performance of the implemented cyber security controls, allowing cyber insurance contracts to adapt to a changing organisational environment and the evolving cyber threat landscape. This module will adopt a private blockchain to form an immutable, continually growing chain of blocks that stores assets and information related to security and privacy risk indicators. The blockchain will be updated based on information received from CRMM. Access control will be used to guarantee that only registered clients can read information from the blockchain.
In addition to this, UBITECH will contribute to the establishment of the methodology that interprets the output of a risk assessment as proper input to the cost estimation of a cyber insurance contract along with the proper premium, the calculation of which requires a quantification formula bound to a methodology, as well as to the realization of the Econometrics Module (ECM), which provides estimates of all kinds of costs of potential attacks as well as the costs (e.g. purchase, installation, execution) of each possible security control (i.e. technical, organisational, procedural, etc.), using a set of existing econometric models. Finally, UBITECH will contribute towards the implementation of the Cyber Security Investment Module (CSIM), which will be responsible for inferring optimal investment plans. CSIM will be supported by the Game Theoretic Module (GTM), which models all possible attacking scenarios and defensive strategies and then uses game-theoretic techniques to derive optimal defending strategies in the form of Nash Equilibria (NE). CSIM will be equipped with visualisation and reporting widgets that show investment plans alongside their comparative analysis, empowering decision-makers to obtain detailed quantitative parameters.