Opendata, web and dolomites

Report

Teaser, summary, work performed and final results

Periodic Reporting for period 1 - SAINT (SYSTEMIC ANALYZER IN NETWORK THREATS)

Teaser

The H2020 SAINT project examines the problem of failures in cyber security by using a multidisciplinary approach that goes beyond the purely IT technical viewpoint. SAINT analyses and identifies incentives to improve levels of collaboration between cooperative and regulatory...

Summary

The H2020 SAINT project examines the problem of failures in cyber security by using a multidisciplinary approach that goes beyond the purely IT technical viewpoint. SAINT analyses and identifies incentives to improve levels of collaboration between cooperative and regulatory approaches to information sharing in order to enhance cyber security and mitigate (a) the risk and (b) the impact from a cyber-attack, while providing, at the same time, solid economic evidence on the benefit from such improvement based on solid statistical analysis and economic models.

SAINT collects important information, regarding cyber-threats and relevant vulnerabilities, tangible (assets) and intangible (reputation) risks in order to identify the most relevant indicators and metrics. SAINT analyses these cyber security data metrics with a multidisciplinary methodology, employing analytic frameworks from various scientific disciplines, categorized into the following main scientific activities:
- applied cyber-security metrics analysis;
- regulation focused comparative analysis;
- data mining and data processing automated analysis;
- economic and behavioural theoretic analysis for the development of relevant econometric models.

The project results will benefit all relevant stakeholders in the cyber-security domain: academic researchers, cyber security practitioners, market agents, law enforcement authorities, policy makers, regulators, governmental authorities, by achieving the following objectives:
- establish a complete set of metrics for cyber-security economic analysis, cyber-security and cyber-crime market;
- develop new economic models for the reduction of cyber-crime as a cost-benefit operation;
- evaluate the associated benefits and costs of information sharing regarding cyber-attacks;
- identify the limits of the minimum needed privacy and security level of internet applications, services and technologies;
- identify potential benefits and costs of investing in cyber-security industry as a provider of cyber-security services;
- provide a set of recommendations to all relevant stakeholders to fight cyber-crime through a systemic approach.

Through these activities, the aim of SAINT project is to improve social, institutional and economic comprehension of cyber security failures, facilitate information dissemination and sharing, and improve decision making, governance and investments by the relevant stakeholders.

Work performed

In the first reporting period, the SAINT project identified critical metrics and indicators related to the project objectives, including: open source cyber-security indicator datasets (including ENISA’s top 15); indicators of emerging cyber-threats; Blacklists, Blocklists and Whitelists; security indicators; economic indicators; open source intelligence methodologies for cyber-threats. The project also gathered and analysed evidences from stakeholders, across multiple disciplines, enabling a better understanding of the stakeholders needs and requirements and providing insights on cyber-security and products.

The project also identified current cyber-security failures and requirements to improve the situation at all levels of cyber-security defences and across a variety of sectors. It identified and categorised the vulnerabilities along with the involved stakeholders and their roles, in order to provide guidelines for cost-effective cyber-security methodologies that can be applied as counter-measures for defence against malicious hackers.

The project researched the subject of co-operation between organisations and how it influences their effective performance and allocation of their resources and proved empirically the importance of co-operation through information sharing in minimizing production cost and achieving economic efficiency in the allocation of resources. It also presented models and mechanisms for measuring privacy and for user privacy protection mechanisms.

In the reporting period SAINT project also developed the first version of the project toolset for automated analysis, based on automatic information gathering and analysis tools that extract information from a variety of information sources. These information sources include cyber-security related discussion forums, bug bounties, social network discussions and public vulnerability and data breach incident databases.

From the first reporting period an initial set of recommendations is provided (to be extended and modified in the second year):
- Adopt in-depth comparative analysis for the application of successful practices of individual countries, i.e. Finland
- Improve the cost of cybercrime metrics and econometrics for enhanced ROI calculations by the inclusion of time spent/lost by cybercrime victims
- Improve transparency on cyber security matters within the workplace
- Educate the workforce on the cost to the workplace of cyber security practices
- Further cyber security training & education within the EU to alleviate the acknowledged lack of trained staff
- Improve complementarity among standards and best practices in cybersecurity within the EU
- Standardisation of metrics to enable accurate comparative analysis between surveys/reports.

Final results

SAINT identifies and develops the foremost and trusted metrics and economic indicators of cyber-security. It also identifies the best practices within the cyber security community and Regulators and performs a comparative analysis of cyber-crime victims by region and country.

Regarding the automated analysis framework, the project uses novel crowd-sourcing based methods for gathering, representing, and processing data from various intelligence feeds.

At the end of the project duration SAINT targets to perform a multidimensional and multidisciplinary research and stakeholder and ecosystem market analysis. It will provide a comprehensive mapping and modelling of cybercrime ecosystem. It will identify, analyse and specify each stakeholder category in order to understand and model its actual or potential interactions from an economic perspective. It will also analyse the market and revenue models linked to the cyber-crime; it will use the gathered data to analyse, deconstruct and model the economic flows and interactions that serve as incentives and motivate the cyber-crime economy.

The main socio-economic impact of the project is the following:
- Improve societal understanding of information security failures and how they should be addressed.
- Improve decision making, governance and investments by stakeholders (e.g. policy makers, regulators, law enforcement agencies, market operators and insurance companies).
- Provide new models (that take into account cyber-security economics, risks, social and market aspects) for improving institutional and private initiatives in their quest for societal resilience to cybersecurity risks.
- Facilitated information dissemination and sharing for the public and registered users.
- Develop a set of recommendations to fight cybercrime through systemic approach impacting the economic and incentive models of cybercrime.

Website & more info

More info: https://project-saint.eu.