Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes ar...
Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios.
In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens' privacy while keeping usability levels.
The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects.
Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project's overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project.
The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS.
Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects.
In the recent years, the majority of the world’s Critical Infrastructures (CIs)
have evolved to be more flexible, cost efficient and able to offer better
services and conditions for business growth. Through this evolution, CIs and
companies offering CI services had to adopt many of the recent advances
CIPSEC-Enhancing Critical Infrastructure Protection
of the Information and Communication Technologies (ICT) field. This rapid
adaptation however, was performed without thorough evaluation of its impact
on CIs’ security. It resulted into leaving CIs vulnerable to a new set of
threats and vulnerabilities that impose high levels of risk to the public safety,
economy and welfare of the population. To this extend, the main approach for
protecting CIs includes handling them as comprehensive entities and offer a
complete solution for their overall infrastructures and ICT systems (IT&OT
departments). However, complete CI security solutions exist, in the form of
individual products from IT security companies. These products, integrate
only in-house designed and developed tools/solutions, thus offering a limited
range of technical solutions.
The main aim of CIPSEC is to create a unified security framework that
orchestrates state-of-the-art heterogeneous security products to offer high
levels of protection in IT (information technology) and OT (operational
technology) departments of CIs, also offering a complete security ecosystem
of additional services. These services include vulnerability tests and
recommendations, key personnel training courses, public-private partnerships
(PPPs), forensics analysis, standardization activities and analysis against
Marin, E.; Masip, X.; Forne, J. CIPSEC-Enhancing Critical Infrastructure Protection with Innovative Security Framework. A: "Challenges in cybersecurity and privacy: the european research landscape". Gistrup: River Publishers, 2019, p. 129-148.