The EU needs a strategic autonomous cyber threat Early Warning System (EWS) to exchange cyber threat warning and incident data. The ECHO consortium funded by the EU’s H2020 Research and Innovation Programme is building such a warning system with partners from 15 different member states. Its goal is to enhance cyber threat responsiveness cross border and cross sector by acquiring, analysing and divulging threat intelligence among ECHO organisations and future partners.
The cyber threat Early Warning System (EWS) that the ECHO consortium is building fuses operational security with organizational level decision-making. What this means is that the organizations can use EWS to handle the internal incidents and if they see a benefit in sharing it with their trusted partners, they are also able to do that easily. It is a distributed platform for information sharing across organizational boundaries with granular control over the shared data.
The ECHO EWS has a modular architecture that enables customizable trustworthy environment to share threat intelligence. Its core functionality is enriched by plugins which offer extended reporting capabilities, extended cross sector cyber threat analysis and information sharing for different cybersecurity roles (such as technical roles and strategic management/executive roles).
The ECHO EWS provides organisations with a common operational cyber threat situation picture, for different types of users (from technical cyber experts to management executives). It enables users to receive role-specific warning, relevant to their business and sector, thus providing simplified common operational cyber threat situation picture, for all types of users (technical to executive).
It will deliver a dashboard displaying warning messages based on priority (impacted by user, trust score and quality score). The three main innovation points are the guaranteed trust of the cyber threat intelligence sources, the filtering of data based on quality metrics and an ecosystem of cyber threat plugins.
The strong competitive advantage of the ECHO EWS is the diversity of the background of the consortium partners building it: various industries from multiple verticals, SME’s in cybersecurity, research agencies and universities. It allows to tackle one of the key issues with any EWS: trust. The consortium partners are experienced in cyber security, cyber threat warning systems and a number have their own Computer Emergency Response Team (CERT).