Technology which aims to strengthen the proactive cybersecurity defense of the European Union

by Fabrizio De Vecchis – Technical Project Manager

The ECHO Early Warning System (E-EWS) is a technology which aims to strengthen the proactive cybersecurity defense of the European Union through effective and efficient collaborative information sharing.

It enforces trust and cooperation among a network of cybersecurity centers and a central competence hub, by offering trusted and secure incidents handling, collaboration and early information sharing capabilities. The E-EWS is the outcome of a common effort by experts from both the scientific research community and the industry to support and enhance the activities of computer incident response teams (CIRTs) and security operations centres (SOCs)

Its development is performed within a work package of the project which ends in December 2020. The next years of the project will be used by the team to bring the platform to the expected TRL9. The creation of the instances’ federation is starting by means of installing E-EWS at the cybersecurity centers. The team is also performing tabletop exercises which are helping the team to steer properly the development in according to the stakeholders ’reporting.

Warnings are what enables E-EWS to exchange data early about events that companies might want to inform partners about. The team is building an extendible and rich data model, which is also machine and human understandable, through a comprehensive set of possible attributes to record in the Warnings, to provide a rich context model and fixed data types. To further enrich the domain, connections to our other existing domain objects and advanced correlation and tagging capabilities have been introduced.