Together with KPN, Software-as-a-Service (SaaS) company BIZZdesign and software company VMware, TNO has signed an agreement to complete the development of an automated cybersecurity platform and make it ready for the market. Last year, an important step was taken with the development and testing of a working prototype. With this agreement within the ASOP (Automated Security Operations) Consortium, the aim is to further develop the prototype so that an interoperable platform that can defend against automated cyber-attacks is in place by 2024.
This platform will enable Dutch companies and organizations to automate their cyber operations, taking into account the consequences for business continuity. Making such technology widely available is essential for protecting the Dutch digital economy in the erratic cyber landscape.
Cyber-attacks are becoming more sophisticated as well as increasingly automated. At present, most organizations can hardly keep up with the speed and developments of these digital threats. Human action alone to repel these attacks is therefore no longer sufficient. That is why in 2020, with support from the Ministry of Economic Affairs and Climate Policy, the ASOP Consortium was launched with the aim of developing an automated security operations platform within several years in a public-private partnership between Dutch cyber security companies, public organizations and TNO.
The ASOP platform intends to increase the resilience of organizations against cyber-attacks, protecting them in an effective and efficient manner. The platform empowers organizations to perform the analysis of and decision making on cyber threats as part of the organizational risk management process. It does so on the one hand by supporting an adaptive cybersecurity strategy based on the business impact of attacks, and on the other hand by providing a modular and vendor-independent platform, enabling organizations to use best-of-breed cybersecurity solutions.
Automatically averting cyber-attacks; how does it work?
Firstly, innovative machine learning algorithms ensure accurate detection of cyber-attacks in IT infrastructure, with a very low probability of a costly false alarm. After a cyber incident is detected, a decision on the best possible response is made automatically based on combined data streams and the impact on business continuity. Finally, this leads to automatic adjustments in the IT infrastructure to mitigate the impact, without having to temporarily take the functionality offline. This is possible because the architecture and configuration of IT infrastructures are increasingly defined in software rather than hardware.
Halfway through the process
In the current research phase, the goal is to further refine the ASOP platform to communicate with existing security solutions and the different modules from various suppliers. With this, the platform offers an answer to a more diverse spectrum of digital threats. Together with BiZZdesign, VMware and KPN, the prototype can be further developed and validated based on their environment. After that, the final phase will focus on operationalizing the platform.
“This prototype means we are taking a big step towards a cloud-based platform for automated security operations”, says Noura el Ouajdi, Sr. Manager Innovative Ecosystems Cyber Security at TNO. “The platform includes several innovative applications such as a modular and scalable architecture that makes it accessible for current and future cyber security products. Changes or configurations in the IT infrastructure are carried out at machine speed and the platform uses open standards and protocols, which significantly reduces dependence on suppliers. In the near future, this platform will support end users such as government, logistics and healthcare to automatically identify and detect cyber security risks based on the impact these risks have on the organization’s business continuity.”