Cybersecurity Solutions – The FORESIGHT Project

~ This article was originally published on SecureHospitals ~

 

 

The digitalisation of our society introduces both opportunities and risks[1]. Organisations and businesses from all sectors are increasingly using and integrating IT systems and networking technologies, and thus are proportionally becoming more dependent on continued availability, confidentiality, accuracy and protection of information.

By moving their operational processes into the digital online domain, the threat of cybersecurity breach increases, and the damage it can cause is growing dramatically [2].

Furthermore, global cyberattacks are increasing in number, sophistication and scale which is revealing the severity of threats critical information infrastructures (CIIs) are being exposed to. Here, energy, transportation, finance, public administration and of course the healthcare sector among others, are being especially targeted due to their great societal importance. As a result, cyberattacks will increasingly have a negative economic and societal impact and should therefore be considered as a global risk [3].

EU has recognised these trends, and therefore aims to boost the effectiveness in protecting the freedom and a high level of security of Europe and its citizens. The main goal is to create a secure society, where relevant human factors and applicable social aspects need to be equally considered with technological and engineering aspects when developing innovative solutions. This will have a positive effect on cybersecurity user-friendliness as well as digital privacy and personal data protection objectives.

The FORESIGHT Project has been funded by the EU’s Horizon 2020 programme under agreement number 833673, where the main goal is to increase the cybersecurity preparedness as well as to support secure societies in the EU.

 

Project summary

 

The FORESIGHT project (Advanced Cyber Security Simulation Platform for Preparedness Training in Aviation, Power Grid and Naval Environments) aims to create a state-of-the art platform that will greatly extend the capabilities of existing cyber ranges by allowing them to be a part of a cyber range federation. This will make it possible to enhance the preparedness of cybersecurity professionals at all levels and advance their skills towards preventing, detecting, reacting and mitigating sophisticated cyberattacks. Additionally, it will help to improve the number of talented cyber-security professionals to meet the industry’s current needs at all levels (from junior to senior). This is achieved by delivering an ecosystem of networked realistic training and simulation platforms that collaboratively bring unique cybersecurity aspects from the aviation, smart grid and naval domains. The proposed platform will extend the capabilities of existing cyber-ranges and will allow the creation of complex cross-domain/hybrid scenarios to be built jointly with the IoT domain. In regards to achieving secure societies, FORESIGHT project aims to cover the following:

  • Establish cyber education as a continuous learning process
  • Enforce and encourage accountability of security as a shared responsibility
  • Match / exceed the rapid rate of evolution of cyber-attackers
  • Deliver training curricula for innovative ways to deal with attacks

 

Outcomes of the project

 

The FORESIGHT training environment will serve to improve cyberattack detection and mitigation capabilities in an organisation. One of the outcomes will include a consolidated knowledge base, which can be used for custom training environments according to the desired targets. This will allow to have tailored scenarios and more realistic preparation against cyber-attacks.

Furthermore, an important outcome will be the increased end-user involvement into expressing actual training and simulation needs. Here, the advantage will be the possibility to include even more end-users, belonging to different domains. By delivering a holistic approach to the security culture, cyber-resilience of organisations will be improved, while at the same time, the security awareness and training time and costs will be reduced.

FORESIGHT will collect data from different sources, allowing it to learn from current and new threats. Incorporating new evolving threats such as malware into various training modes will improve stakeholder preparedness as well reduce the risk of a data breach. Furthermore, a whole range of FORESIGHT services, materials and technologies will help organisations to identify and apply appropriate measures for recovering from cyberattacks. As a result, security, resilience and sustainability of organisations will be improved. This in turn, reflects to the whole society in general, where a culture of security is promoted and privacy is being better protected due to reduction of data breaches.

 

Healthcare training environments

 

As a result of digitalisation, the healthcare sector represents one of the biggest targets for cyberattacks, due to the massive amounts of sensitive, confidential and very valuable patient data. Furthermore, outdated systems and personnel without proper cybersecurity experience, are resulting with immense threats and critical vulnerabilities [4]. Simulated healthcare training environments represent a proactive approach, where the human, technological and procedural factors are in focus. Here, specific and realistic scenarios prepared in advance serve to develop new skills in a safe and controlled manner.

The FORESIGHT state-of-the-art flexible approach will allow the subsequent inclusion of new training environments such as healthcare. In this regard, novel training methods, approaches and tools will be used to train against highly sophisticated threats as well as to prevent, detect and properly respond to such attacks. In order to increase the cyber resilience and preparedness in a holistic manner, multiple training programmes at varying degrees of difficulty will serve to prepare the healthcare personnel according to their different levels of responsibility.

 

Positive effect on the healthcare sector

 

Healthcare-based cybersecurity training introduces a number of advantages for the healthcare sector. By being ready to recognize or to recover from a cyber-attack will make it possible to provide a high quality, efficient and reliable service. More importantly, by eliminating threats caused by human error or ignorance will greatly contribute to the safety of patients and to the privacy and trustworthiness of their sensitive health data, which is especially important in life-threating emergency situations [5]. Establishing proper cyber-awareness in healthcare helps to create a better security focused and proactive culture, increasing patient trust and safety. This will make it possible to further invest and explore the digital potential for health innovation and healthcare, aimed at all European patients and citizens.

 

Disseminated by

 

MINDS & SPARKS GmbH, Vienna, Austria

FORESIGHT Project Website: https://foresight-h2020.eu/

 

References

 

[1] Sørensen, B. T. (2018). Digitalisation: an Opportunity or a Risk?.

[2] Mackey, T. K., & Nayyar, G. (2016). Digital danger: a review of the global public health, patient safety and cybersecurity threats posed by illicit online pharmacies. British medical bulletin, 118(1), 110-126.

[3] Bachmann, S. D., & Gunneriusson, H. (2014). Terrorism and cyber attacks as hybrid threats: Defining a comprehensive approach for countering 21st century threats to global risk and security. The Journal on Terrorism and Security Analysis.

[4] Parks, R. C., & Rogers, E. (2008). Vulnerability assessment for critical infrastructure control systems. IEEE Security & Privacy, 6(6), 37-43.

[5] Bertino, E. (2014). Data trustworthiness—approaches and research challenges. In Data privacy management, autonomous spontaneous security, and security assurance (pp. 17-25). Springer, Cham.

 

Keywords

 

H2020, EU project, cyber ranges, cyber training, critical information infrastructures, simulation