#	Pagina
attuale pagina	/open-h2020/projects/205792/results.html

Report

Teaser, summary, work performed and final results

Periodic Reporting for period 1 - SecTrap (Critical urban infrastructure and soft target cyber attack protection. Users and application BehaviouralAnalysis supported by artificial intelligence to preempt security cyber attacks.)

Teaser

Summary

Computer security has been constantly threatened by evolving attacks and fresh strategies for data breach and leak. On the last couple of years, the most effective threat strategy used has been Advanced Persistent Threat (APT), which are attacks characterised by the execution of malicious routines orchestrated with a specific target in mind and for being performed over lengthy periods of time. The number of days that the APT attacks remain undetected is the most troubling feature of this malicious activity. Moreover, it can be made from both the outside or the inside of the network which can make these attacks even more difficult to detect. This kind of attacks have been responsible for confidential tax evasion document leaks, credential stealing, fraud and data tampering attacks. SecTrap emerges as a new way of detecting APT attacks and reducing the number of days that these attacks remain undetected using a different approach: our novel and proprietary Virtual Machine Behavioural Introspection (VMBI) technology. The SecTrap platform
leverages this new technique, combined with artificial intelligence techniques, to create na interaction environment for potential attackers to reveal their tactics and to isolate them from the real enterprise network. The average number of days that an APT attack remains undetected for companies operating on the European region (469 days) is substantially higher than the global average (146 days). This is alarming to European companies that deal with sensitive data, so it is only a matter of time until European enterprises start demanding APT detection tools. Therefore, we believe that the lack of European alternatives to the detection of the APT attacks and the European local buying preference will lead to a clear market advantage for SecTrap. We will develop a Minimum Viable Product with just the core features required to add value to the customerâ€™s operations. This initial version of the product is intended to be deployed on a subset of possible customers that can contribute with feedback on which direction the product development should follow. We have established contact with end-users from the pharmaceutical, banking and domain hosting industries in order to have validated each vertical marketâ€™s needs that can be met by the adoption of the SecTrap platform. With this strategy, we consolidate SecTrap as
an innovative and indispensable defence against APT and internal threats for enterprises.

Work performed

The SecTrap project is currently at a major milestone in its business innovation process. VST has made an investment on partnering with an multinacional IT research and advisory firm. This partnership is set to reinforce the improvement and expansion of both the SecTrap project and the company. These efforts have had a positive impact on both business and technical development, preparing go-to-market strategy. On the technical side, the SecTrap platform is being developed on top of a successful proof-of-principle prototype and it is being technically reviewed by IT analysts that have a deep understanding of the solutions available on the target market. On the business development side, we have established contact with end-users from the pharmaceutical, banking and domain hosting industries in order to validated each vertical marketâ€™s needs that can be met by the adoption of the SecTrap platform. With investment on the the consultancy service fee we had the opportunity to make business interactions with the best specialized advisors in DDP technology. The interaction with all analysts was very fruitful since it was possible to have a global overview of the market and technology in which we operate. We had two business coaching sessions (8h) with a specialist in business management to discuss business strategy. Now we are booking other sessions with na IPR specialist to discuss IPR issues within SME Instrument coaching offer. Due to the subscription services with IT consultant we have the opportunity to access many non-public information. We have access to statistics, market analyses, competitors analyses, specific studies about our market, articles from adivisors, trends studies and lists of potential customers that we can ask. ItÂ´s a variety of information which helps us to define our strategy and business plan. Our team was involved in all the interactions we made (12 interactions with technical and go-to-market specialists). We made the financial forecasts with internal resources with this expertise. Visionspace internationalization plan is supported by AICEP â€“ Trade & Investment Agency (http://www.portugalglobal.pt/PT/Paginas/Index.aspx), is a government business entity, focused in encouraging the best foreign companies to invest in Portugal and contribute to the success of Portuguese companies abroad in their internationalization processes or export activities. We have workshops about legal issues and tips to sell in the selected markets provided by the agency. This organism has several country managers in various countries in the world. They help to get the first meetings and give advice on how to do business in each specific market.

Final results

In our study, we conclude that Europe canÂ´t be losing the capability of being competitive in the cybersecurity market, namely in the DDP solutions. In this market, we shown that EUA and Israel are dominating the R&D of DDP solutions, and are starting to sell in Europe through comercial representatives. In Europe companies has to guarantee that they comply all the legal obligations that are in the General Data Protection Regulation (REGULATION (EU) 2016/679), and our product helps to achieve that objective. There are so many opportunities in this market and Europe can lead this business, developing their own solutions. The focus will be in being the most open solution in the market and in reinforce continuous R&D to increment the value added for this kind of technology. Attackers nowadays are more evolved than the software solutions that we have in the market. Mostly of the solutions doesnÂ´t concerns with the attackerâ€™s behaviour, that changes in every intrusion they made. We conclude that our solution get close of the human behaviour and analyse all data to make security stronger. Our project has all the technical and strategic plans suitable to enter the market. Now we need to leverage our strategy and grow our technical team to improve our ability. Our analysis of competitors led us to change the way we were going to build our product. We realized that companies are more open to purchase SecTrap with specific features. So, although companies realize the benefits of all features, we decide to commercialize Sectrap without some features. Then we will sell the other features as an upgrade of the product. In Europe only 3 companies develop solutions in this technlogy, and they are all in the beggining finishing the development of their solutions. This product will have impact in the safety of the critical information, so we will be more secure too. This is a great impact in our lifes, attacks are increasing and the companies has to ensure that they could secure their data. Economic impact of an attack could be big for the companie, and in some cases could contribute to the decline os somes businesses. This protection will save companies money, if we reduce the average time an attack remains undetected from 469 days to zero days it will have economic impact. Companies will have less costs securing their information and will keep the real information safeguarded.