An innovative tool for monitoring security and cyber-security risks

The Italian SME innovative tool is suited for monitoring security and cyber-security risks in complex organizations. System users can spoil relevant cybersecurity issues before problems are detected by network or endpoint sensors and support also the identification of ‘precursors' of cybersecurity incidents (e.g., recurrent emails hiding highly targeted phishing campaigns, problems and delays in system usage covering an ongoing Disk Operating System (DoS) attack, etc.). By adopting the “Humans as Sensors” approach, staff and employees are encouraged to provide short qualitative narratives about issues and any kind of problem experienced in their daily work through a usable and simple web-based reporting tool. The Innovative tool will semi-automatically analyze the relevance of the risks and group them in organizational categories of concern (e.g., procedures, tools, environment, etc.) enhancing the organization [Cyber-]Security profiling and the capturing of weak signals of incoming attacks or attempts. More in detail, the innovative tool application will support the following steps: 1. Collect qualitative narratives from staff about issues experienced in their daily work (front-line operators, back-office, Sys-admins, managers, security officers, etc.). - Employees are invited to submit a narrative about “something that caused you to hassle during your work during the previous week”. Staff is encouraged to use their own language and style. No further guidance or restrictions are provided (issues not necessarily linked to security). Narratives are entered into a database with identifiers removed. 2. Analyse their relevance for Security and group them in organizational categories of concern (e.g. procedures, tools, environment, etc.) - Narratives are discussed and annotated (for clarification) collaboratively by a domain expert and a security expert to understand if they are vulnerabilities, weak signals/precursors, symptoms of an ongoing attack. Narratives are analyzed and grouped into categories (e.g. equipment, network, mobile devices, password management, staff, procedures, etc.) by use of tags. Non-security issues relevant to other key performance areas (KPAs) are forwarded to those who may be concerned. 3. Assess impact: survey the staff on collected issues and prioritize them in a rank - Questionnaires are periodically sent to the staff (selected sample or all employees) to understand the magnitude of concern (how many people are affected by the identified issue?). All the issue are prioritized collaboratively involving also the staff to increase cyber-security culture and foster engagement on security issues. 4. Execute improvements for quick wins and plan long-term changes - The result is a ranking of both concerns and critical organizational areas, with a collaborative approach. Solutions and improvements can be planned according to severity, frequency of concern, and available budget. Implemented solutions are presented to the staff to show enhancement. Dashboards and trends help the decision-making process by proposing aggregate and detailed data views. In addition, motivation for security measure acceptance from the employees and managers will be analyzed and taken into account to enhance the end-users Cyber-Security Culture through dedicated awareness, gaming, and training activities. The overall innovative tool collaborative process will have a positive impact on engagement and future reporting of problems related to security. The company is looking for commercial agreements with technical assistance and research cooperation agreements. The goal is to assess new potential markets, to develop and design ad-hoc solutions to integrate them in different contexts. Europe collaborations are preferred but the SME is open also to extra-EU agreements.