The EU is sponsoring a project to boost internal communication around cyber threats in Europe. Eviden will be the coordinator of that project.
Eviden will coordinate the new European CYDERCO project. That project aims to improve the capabilities of Security Operations Centers (SOCs) within the European Union. The entire undertaking will last three years and is co-funded by the European Cybersecurity Competence Center (ECCC). The EU’s intention is to develop a platform that optimizes the detection of and response to cyber threats.
Strong together
One of the weaknesses in cyber defense in the EU today is the fragmented approach. There are no robust mechanisms to share important data on attacks and threats across national borders. CYDERCO should change that. The CYDERCO acronym stands for “Cyber Detection, Response and Collaboration.” The project has four main objectives:
- Threat Intelligence Sharing: The project should enable secure data sharing and synchronization of events between different entities. Events and attributes can be automatically synchronized between different instances.
- Threat Intelligence Enrichment: The platform will support Threat Intelligence correlation to find and investigate relationships between different threat elements and attributes, such as malware, attack campaigns and threat actors.
- Signaling support: There will be an ability to alert other companies and agencies when an indicator is present on a system or network. This enables SOC teams to respond more proactively to cyber attacks.
- Rapid distribution: The platform will support rapid deployment of response capabilities, including rapid distribution of signatures of new malware.
Analysis
The project should improve the cooperation and responsiveness of SOCs within Europe. The platform that Eviden will coordinate will provide SOCs with advanced cyber threat intelligence, including detailed indicators of compromise (IoCs) and techniques of threat actors. This information should enable SOCs to respond to attacks more effectively and quickly.
The platform will include several features:
- Data analytics platform: It allows SOCs to quickly detect, investigate and address threats. The system is designed to be scalable and stable.
- Network traffic analysis: By monitoring network activity, the platform can detect malicious traffic.
- Host Intrusion Detection Service (HIDS): This feature provides protection for various operating systems, including Linux, Windows and Mac, and can detect rootkits and malware, for example.
- AI-driven analysis: To detect more complex and unknown attacks, the platform uses artificial intelligence for data processing.
Partners and collaboration
The consortium behind the CYDERCO project consists of four partners: Eviden in Romania, Atos in Spain, the Instituto Superior de Engenharia do Porto (ISEP) and the Romanian National Cybersecurity Directorate (DNSC). Each of these partners brings expertise ranging from technical knowledge to experience in public security. This collaboration will allow CYDERCO to support SOCs across Europe in detecting threats and sharing threat intelligence. The project has a budget of about €2.88 million and receives support from the European Union.