Written by Notis Mengidis – Cybersecurity Research at Information Technologies Institute (ITI), CERTH
The bigger picture
In line with the needs of the ECHO project, the task of the detailed analysis of transversal technical cybersecurity challenges, using a technically focused, comprehensive and holistic approach, is responsible for setting up the necessary research foundations for developing cybersecurity technology roadmaps. The strategic goal of those roadmaps is to assist in the development of innovative technologies aiming to address contemporary cybersecurity challenges and is thus an important input towards achieving the research goals of the ECHO project in improving the proactive cyber defence of the European Union.
The methodology
This analysis builds on the research outcomes of the multi-sector needs analysis that takes place in WP2 of the project, and takes into account the latest industrial reports and academic publications, covering multiple stakeholders’ points of view, and highlighting challenges that span over different and multiple sectors. Subsequently, the threats and concerns identified in these sources were converted to a long and exhaustive list of challenges. To classify these challenges, some of the most widely accepted standards of taxonomies were examined and was concluded that the holistic taxonomy proposed by JRC was the most appropriate and precise to be used as the basis of the conducted analysis since it provides a more expressive and representative view of the task’s given context. The diverse expertise of more than 20 different contributors was utilised in order to avoid bias and to take into account different perspectives when conducting this analysis. The result was a classification of 10 categories, aligned with the JRC taxonomy and encapsulating all of the identified challenges.
The added value
The current research outcomes highlight respectively common transversal and inter-sector technical challenges that need to be addressed during the development of the ECHO roadmaps. The analysis resulted in the identification of a total of 83 technical cybersecurity challenges: 57 transversal challenges and 26 inter-sector challenges. Each identified challenge presented includes a detailed description, the mitigation techniques, along with the opportunities derived from the availability and effectiveness of those proposed techniques and solutions. This leads to a much-needed structured input for the development of the inter-sector technology roadmaps, the early prototypes selection, research and development as well as the ECHO technology assets (E-EWS, E-FCR).
The steps ahead
Given the evolving nature of cybersecurity, and the progress of the ECHO project there are many challenges that need to be discussed as we progress through the next stage of the task. The deliverables will be updated before the end of the project to include the latest developments in the cyber threat landscape, widening their research scope to include questionnaires answered by cybersecurity practitioners and professionals, and use the input of dedicated workshops specifically held for this purpose. The focus of the second iteration will be more on the emerging challenges, rather than on the currently existing ones