The health sector is steadily becoming the de facto target for cyberattacks. Based on the most recent ENISA report at the end of 2018, cybersecurity incidents have shown that the healthcare sector is one of the most vulnerable. Focusing specifically on Electronic Medical Devices (EMD), they suffer from numerous and multi-layered vulnerabilities . Default, weak or no password authentication for remote connections, unencrypted traffic or obsolete and insecure cryptographic algorithms, unsupported operating systems, outdated, unmanaged and vulnerable software are among the most serious problems that jeopardise both their smooth operation and the data aggregated and stored. The vision of HEIR is to provide a thorough threat identification and cybersecurity knowledge base system addressing both local (in the hospital / medical centre) and global (including different stakeholders) levels, that comprises the following pillars: (i) Real time threat hunting services, facilitated by advanced machine learning technologies, supporting the identification of the most common threats in electronic medical systems based on widely accepted methodologies such as the OWASP Top 10 Security Risks and the ENISA Top 15 Threats; (ii) Sensitive data trustworthiness sharing facilitated by the HEIR privacy aware framework; (iii) Innovative Benchmarking based on the calculation of the Risk Assessment of Medical Applications (RAMA) score, that will measure the security status of every medical device and provide thorough vulnerability assessment of hospitals and medical centres; (iv) The delivery of an Observatory for the Security of Electronic Medical Devices; an intelligent knowledge base accessible by different stakeholders, providing advanced visualisations for each threat identified in RAMA and facilitating global awareness on EMD-related threats. Last, HEIR will set up a broad European network for establishing good security practice in all regulatory frameworks to reduce market access.

Europe needs to step up its efforts and strengthen its very own security capacities to secure its digital society, economy, and democracy. It is time to reconquer Europe’s digital sovereignty. The vision for Europe can only be to join forces across Europe’s research, industry and public sector and to include all talents not just those that have representation in the EU mainstream or are within big organizations. Diversity and inclusion are keys for success. Europe has incredible coverage and talent in the area of IT and cybersecurity. The area of cybersecurity is geographically fragmented across Europe for competences, and often also technically fragmented with problem-specific development of security solutions. There is no doubt that excellent research exists in Europe. Nevertheless, it is a fact that this research does not result in IT products and solutions that contribute to the European Single Digital Market. On contrary, a lot of research, also financed by EU ERC grants, is tested on real data in large US companies that cooperate with them. Europe has to and is already rethinking this strategy. CONCORDIA addresses the current fragmentation of security competence by networking diverse competences into a leadership role via a synergistic agglomeration of a pan-European Cybersecurity Center. The vision of CONCORDIA is to build a community a strong cooperation between all stakeholders, understanding that all stakeholders have their KPIs, bridging among them, and fostering the development of IT products and solutions along the whole supply chain. Technologically, it projects a broad and evolvable data-driven and cognitive E2E Security approach for the ever-complex ever-interconnected compositions of emergent data-driven cloud, IoT and edge-assisted ICT ecosystems.

In recent years, the majority of the world's Critical Infrastructures CIs evolved to become more flexible, cost efficient and able to offer better services and conditions for business opportunities. Towards this evolution, CIs and companies offering CI services had to adopt many of the recent advances of the Information and Communication Technologies (ICT) field. This adaptation however, was rather hasty and without thorough evaluation of its impact on security. The result was to leave CIs vulnerable to a who the new set of threats and attacks that impose high levels of risk to the public safety, economy and welfare of the population. In so far, the main approach to protect CIs is to handle them as comprehensive entities and offer them a complete solution for their overall infrastructures and systems (IT&OT departments). However Complete CI protection solutions exist in the form of individual products from individual companies. These products integrate only and tools/solutions designed by the same company, thus offering limited technical solutions. The main aim of CIPSEC is to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in IT (information technology) and OT (operational technology) departments of CIs. As part of this framework CIPSEC will offer a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and at professional quality. These services include vulnerability tests and recommendations, key personnel training courses, public-private partnerships (PPPs) forensics analysis, standardization and protection against cascading effects. All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market.

We live in a crucial historical moment, with tremendous challenges ahead, from climate change to the energy crisis. ELIAS emerges from the belief that AI will be a key discipline to help us tackle these challenges. At the same time, the development of AI entails deep ethical and societal concerns that need to be addressed. As for fundamental research, ELIAS will address key scientific questions about how AI can reduce computational costs, serves to model effects of policy decisions on society, and impacts individuals. ELIAS will strive for a deep integration of the fundamental research that takes place in academia and the more applications-focused research from industry. ELIAS builds on and expands the highly successful and internationally recognized European Laboratory for Learning and Intelligent Systems (ELLIS). ELIAS will further develop the excellence criteria and the pillars in ELLIS and implement actions that will support AI researchers and young talents at different stages of their careers. Furthermore, ELIAS will develop a Sciencentrepreneurship track, with the purpose of attracting and empowering talents at the interface of scientific innovation and business and establish original AI solutions that move towards a sustainable long-term future for our planet, contribute to a cohesive society, and respect individual rights. The outcome of ELIAS will be to establish Europe as a leader in AI research in which impact on the environment, society and the individual are integral considerations during development. We will measure the success of this endeavor in terms of key indicators, including the number of new cross-institutional collaborations, the number of cross-disciplinary collaborations, the number of industry-academic partnerships, publications in top conferences and journals, patents, and the number of projects that have resulted in deployed technologies.

Small and Medium size Enterprises (SMEs) are an important driver for innovation and growth in the EU. SMEs also stand to gain the most from innovative technology, because it is complicated and costly for them to set-up and run ICT in the traditional way. Taking into account cyber-security, SMEs do not always understand all the risks and business consequences for the development of technologies without the adequate level of protection against cybercrime. The European Union Agency for Network and Information Security (ENISA) declares on the “Information security and privacy Standards for SMEs” study of 2016 that, despite rising concerns on information security risks, the level of SMEs information security and privacy Standard adoption is relatively low. SMESEC consortium is proposing to develop a cost-effective framework composed of specific cyber-security tool-kit to support SMEs in managing network information security risks and threats, as well as in identifying opportunities for implementing secure innovative technology in the digital market; for this consortium, it is important that SMEs do not only look at cyber-security as an obstacle, but also they understand the business opportunity beyond it. In this scenario, an international group of experts proposes SMESEC as a response to the cyber-security challenges for business companies with a limited background on cyber-security and a restricted budget. The SMESEC project will be developed in 36 months by a competitive consortium of 12 partners from 7 countries, which corresponds to a well-balanced structure, involving big companies, SMEs, research centres and universities. Despite the great diversity of entities within the proposal, SMESEC is an industry-oriented project, since the private companies will cover more than 73% of the total project costs, and will be led by a big company, ATOS, with many years of experience on project management and cyber-security.