Our proposed GEIGER will be an innovative solution with associated components and an Education Ecosystem addressing security, privacy and data protection risks of and for Small and Medium-sized Enterprises and Microenterprises (SMEs&MEs) in Europe. GEIGER will be developed in analogy of a GEIGER counter for detecting atomic radiation threatening human life. The GEIGER solution will be used for assessing, monitoring, and forecasting risks and reducing these risks by improving the SMEs’&MEs’ security with well-curated tools, and an education program targeting practitioners-in-practice as “Certified Security Defenders” bringing security expertise sustainably to SMEs&MEs using existing vocational education frameworks. GEIGER consist of a GEIGER Indicator that dynamically summarizes the current level of risk by evaluating measures undertaken for security defences among the participating SMEs&MEs. The GEIGER Indicator can be personalised by registering the enterprise’s profile and supports GDPR-compliant sharing and exchanging data about incidents. The GEIGER Toolbox allows stepwise do-it-yourself assessment and improvement of the SMEs’&MEs’ security, privacy, and data protection with lightweight controls and advice for improved protection at varied levels of sophistication. The included tools offer endpoint, server, and network protection and guide the SME&ME in a personalised manner in data hygiene, including access and security control, data privacy management, and backup practices. The GEIGER Education Ecosystem offers experimental-based training and cyber range-enabled challenges and will be integrated into curricula of diverse professions of non-ICT experts, offering direct impact on SMEs&MEs through target group-oriented education. The GEIGER solution will be demonstrated in three complementary use cases within three countries. GEIGER will achieve sustainable impact by raising awareness of more than one million SMEs&MEs within a period of 2.5 years after start.

Uptake of IoT and AI driven ICT systems in Europe is crucial for our common future, but it is dependent on our strategic ability to protect these systems from cyber threats and attacks on their privacy. IRIS addresses this challenge with a collaborative-first approach centered around CERTs/CSIRTs. From a technological perspective, it deploys (i) autonomous detection of IoT and AI threats, enriched with (ii) privacy-aware intelligence sharing and collaboration, and (iii) advanced data protection and accountability. Crucially, IRIS introduces (iv) the first dedicated online training and cyber exercises to prepare CERTs/CSIRTs to collaboratively protect critical infrastructures and systems against cross-border AI and IoT threats. IRIS will be validated in three pilot demonstrators, focussing in the IoT, AI and cross-border dimensions, across three existing smart city environments (in Helsinki, Tallinn and Barcelona), involving the associated national/governmental CERTs/CSIRTs, cybersecurity authorities and municipalities. The scenarios will contain real-life inspired cyber incidents that will build up into pilots at all levels (from local to national and to cross-border) to showcase the versatility of the IRIS solution. With 19 key partners from around Europe and 5 CERTs/CSIRTs as Associated Partners, IRIS’s solid consortium composition and work plan prioritises the effectiveness needed for quick real-world adoption and impact. Moreover, integration will be carried out on the EU’s existing MeliCERTes platform, with the support of NETCOMPANY-INTRASOFT, while training will build upon THALES’s existing cyber range, and ECSO will ensure the contribution to standards and policymaking. With the formal support of the four H2020 Cybersecurity Competence Network Pilot Projects, IRIS will also actively engage with the full scope of the cybersecurity ecosystem in Europe.

The SECANT platform will enhance the capabilities of organisations’ stakeholders, implementing (a) collaborative threat intelligence collection, analysis and sharing; (b) innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem; (c) cutting-edge trust and accountability mechanisms for data protection and (d) security awareness training for more informed security choices. The proposed solution’s effectiveness and versatility will be validated in four realistic pilot use case scenarios applied in the healthcare ecosystem. Ultimately, SECANT will contribute decisively towards improving the readiness and resilience of the organisations against the crippling modern cyber-threats, increasing the privacy, data protection and accountability across the entire interconnected ICT ecosystem, and reducing the costs for security training in the European market.

With the emergence of the digitization of information, ICT infrastructure and communications gave an unprecedented push towards the realization of truly interconnected passenger transport ecosystems at city-level. The emerging notion of multimodality supports a plethora of diverse transport services, typically offered from a central location. There however, the complex interconnected infrastructures ease the cyber-threats propagation while the underlying mosaic of fleets, personal hand-held devices and non-standardized data types increase the system's attack surface and require the authorities collaboration to proactively handle severe incidents. CitySCAPE leverages the skills and mature technology of its 15-partner consortium to systematically explore all different cybersecurity dimensions of multimodal transport. These dimensions will drive a characterization of the cyber-threats in the ICT multimodal transport, extended to the close-by power and financial sector. Innovative software tools will be introduced to estimate the threats propagation in the system. Then, CitySCAPE will realize a modular software toolkit enabled to be seamlessly integrated into any multimodal transport system to: a)detect suspicious traffic-data values and identify persistent threats; b)evaluate an attack's impact in technical and notably in financial terms; c)combine external knowledge and internally-observed activities to enhance the predictability of zero-day attacks; d)instantiate a networked overlay to circulate informative notifications to CERT authorities and support their interplay. The CitySCAPE solution will be tested over a timely set of use-cases involving ticketing applications, cyber-fraud and location data in the regional transport system of two European cities, where extensive experiments will showcase its effectiveness. The findings will steer training sessions of expert/non-expert audience and shape a strong standardization contribution to security (labelling) protocols.

Amidst an increasingly interconnected and complex world, the provision of essential services remains crucial for the well-being of European citizens and the smooth functioning of the internal market. Yet, the ever-evolving landscape of risks, ranging from cyber threats, physical attacks, and human errors to natural disasters, demands a proactive and collaborative, pan-European approach to ensuring disruption resilience. Therefore, ENDURANCE is driven by the critical need to fortify Europe’s essential services against potential disruptions, transcending the sole focus on the underlaying critical assets. Recognizing the significance of the CER and NIS2 Directives in setting the groundwork for resilience and, in parallel, the current silo approach to the Critical Infrastructure (CI) resilience and the business continuity of essential services they provide, we will assist the CI authorities across the EU in fully grasping and harmoniously implementing both directives. By comprehensively understanding and preparing for the demands of these legislative measures (and their national implementations), we aim to empower the EU MS authorities and CI operators with the know-how, methodologies, services, and strategies needed to navigate the complexities of disruption resilience effectively. With a team of 9 excellent research, technology, and business developing organisations (all with vast experience in INFRA projects), and with 7 EU MS authorities and 6 CI operators representing 6 critical sectors and 4 EU MS, ENDURANCE will: (i) Enhance strategic cooperation and collaboration among the CI stakeholders at all levels. (ii) Develop datasets, registries, methodologies, technologies, and services (at TRL6-7) for secure sharing and federated processing of CER-relevant data, joint assessment of relevant risks and resilience, and large-scale stress-testing of preparedness. (iii) Provide harmonised and pragmatic strategy for the continuity of the interconnected essential services.