Strengthening Cybersecurity in Europe: The CYDERCO Project

In an era where cyber threats are becoming increasingly sophisticated and pervasive, the need for robust cybersecurity measures has never been more critical. The European Union is taking significant steps to bolster its defenses against these threats, and one of the most ambitious initiatives in this regard is the CYDERCO project. Coordinated by Eviden, a leading technology firm, this project aims to enhance the capabilities of Security Operations Centers (SOCs) across Europe.

Overview of the CYDERCO Project

Launched on October 1, 2023, the CYDERCO project (CYber DEtection, Response, and Collaboration) is a three-year initiative co-funded by the European Commission and the European Cybersecurity Competence Center (ECCC). With a budget of €2.88 million, the project brings together a consortium of four partners: Eviden in Romania, Atos in Spain, the Instituto Superior de Engenharia do Porto (ISEP) in Portugal, and the Romanian National Cybersecurity Directorate (DNSC).

The primary objective of CYDERCO is to develop, test, and validate a comprehensive platform that enhances the detection and response capabilities of SOCs. This platform will serve both private and national entities, equipping them with the tools necessary to combat cyber threats that jeopardize network and information systems across the European Union.

Enhancing SOC Capabilities

The CYDERCO platform is designed to provide SOCs with critical information about threat actors, their tactics, techniques, and procedures (TTPs), as well as indicators of compromise (IoCs). By improving collaboration and efficiency, the platform aims to foster a proactive approach to cybersecurity, enabling SOCs to respond swiftly and effectively to potential threats.

Key Features of the CYDERCO Platform

1. Data Analytics Platform: This feature will empower SOCs to detect, investigate, and respond to cybersecurity threats efficiently. Built using modern technologies, the platform will be stable, scalable, and responsive, ensuring that SOC teams can operate effectively under pressure.

2. Network Traffic Analysis (NTA): NTA will monitor network activity to identify malicious activities, such as malware or abnormal traffic patterns. This capability is crucial for early detection of potential threats.

3. Host Intrusion Detection Service (HIDS): The project will develop an advanced host-based intrusion detection system that works across multiple platforms, including Linux, Windows, and Mac. This system will enhance detection capabilities for various types of malicious activities, including rootkits and malware.

4. AI-Driven Analytics: Traditional Security Information and Event Management (SIEM) solutions often struggle to detect complex or unknown attacks. By leveraging artificial intelligence for data analysis, the CYDERCO platform aims to provide superior detection capabilities, defending against next-generation cyberattacks.

5. Threat Intelligence Capabilities: The platform will facilitate secure data sharing and synchronization of events among various entities, allowing for rapid distribution of signatures and countermeasures. This feature will enable SOC teams to be more proactive in their defense strategies.

Collaborative Efforts and Expertise

The success of the CYDERCO project hinges on the collaboration between its partners, each bringing unique expertise to the table. Eviden, with its extensive knowledge in incident response and threat intelligence, will lead the project. Atos, a global leader in digital transformation, will contribute its cybersecurity solutions and services. ISEP will provide academic insights and research capabilities, while DNSC will serve as an end-user, testing and validating the platform in real-world scenarios.

Voices from the Project

Alex Rusandu, BDS Global Product Director at Eviden, emphasized the importance of leveraging expert knowledge in cybersecurity to meet the specific requirements of the CYDERCO project. He stated, "Eviden will leverage its expert knowledge in Incident Response and Threat Intelligence, its global services and solutions in cybersecurity covering areas such as emergency incident response and managed detection and response, as well as its patented, battle-tested cybersecurity technologies tailored to meet CYDERCO’s specific requirements.”

Dan Cîmpean, Director of the Romanian National Cyber Security Directorate, highlighted the project’s significance in enhancing cybersecurity resilience within the EU. He remarked, "The CYDERCO project marks a progressive move toward bolstering cybersecurity resilience within the European Union, introducing novel dimensions that promote the evolution of the ecosystem across public and private sectors.”

Looking Ahead

As the CYDERCO project progresses, it aims to achieve several milestones, including the completion of a Project Handbook, Stakeholders Analysis, Pilot Definition, Platform Design, and Dissemination and Communication Plan. The collaborative efforts of the consortium partners will be crucial in addressing the technological challenges posed by cyber threats.

The project not only represents a significant investment in cybersecurity but also reflects a commitment to fostering a collaborative ecosystem between public and private entities. By enhancing the capabilities of SOCs, CYDERCO aims to create a safer digital environment for all European citizens.

In conclusion, the CYDERCO project stands as a beacon of hope in the ongoing battle against cyber threats. With its innovative approach and collaborative spirit, it promises to strengthen the cybersecurity landscape in Europe, paving the way for a more secure digital future.