Skopos.AI secures critical EU infrastructure with Horizon-2020 funding

Critical Infrastructure is essential for the proper functioning of society´s economy, health and safety. While many critical infrastructures have implemented cyber security technologies, the issue of cyber risks identification across employees, contractors and service providers still remains a major concern.

The EU wants to further bolster the security of critical infrastructure as part of the Horizon2020 scheme.  Skopos was selected with their project to improve the security of Critical Infrastructure by identifying information security risks in the supply chain. Skopos performs a continuous audit on people, processes and IT. The project will be showcased in the Port of Galati, Eastern Romania.  

Attractive target

Critical Infrastructure are attractive targets for hostile entities. When the controls systems for many critical infrastructure were build, cybersecurity was not yet a major concern. However, this causes security issues in the era of IoT, ransomware and social engineering. While many critical infrastructures have implemented cyber security technologies, the issue of cyber risks identification across employees, contractors and service providers still remains a major concern, implying to require Contractors/Service Providers to prove that they also have implemented (expensive) cyber security systems. 

Boards need assurance on cyber risks

It is important for board members to have insight and assurance on their information security risks, both internally and on their vendors. Within the short future, NIS2 will make this requirement even more urgent, also for parties in the supply chain. Cyber security solutions available on the market may be very effective but are standalone solutions. Their lack of integration makes it very costly for IT staff to aggregate the data into a simple yet understandable risk scoring for executives. Most tools are inherently closed systems, yet executives, auditors and insurance companies need a holistic assessment of information security risks in order to ensure business continuity and protect their reputation. Annual penetration tests are not sufficient, as new vulnerabilities, exploits and data leaks are published on a daily basis. 

CyberSec2SME: A Skopos and BeiA collaboration 

The objective of the CyberSec2SME project is to give board members of the Port of Galati in Romania, a highly critical infrastructure, the assurance they need on the information security of their organisation and their vendor BeiA in the supply chain. The assurance will cover people, processes and the IT. Subcontractors, like BeiA in this project, can use the Skopos audit to demonstrate they are compliant. Skopos has developed a platform that delivers a unique continuous holistic (i.e. testing continuously key cyber risk drivers) cyber risk audit, including advice on threat mitigation and tracking of progress. The tests include (a) employees’ cyber awareness, phishing tests and breached data, (b) risks via end-point software and (c) scans of websites & internal network 
 

Complex IT asks for innovative continuous audit

Skopos.AI will deliver a continuous cyber audit on a highly complex and sensitive IT and Data environment of the Port of Galati. A process within the port is operated by contractor BeiA and BeiA systems. Skopos task is to detect, report, recommend and track progress and deliver a continuous dashboard delivering daily actionable insights, monthly executive reporting to keep the port secure. Reporting will be in line with ISO27001 and requirements for Critical Infrastructure. BeiA employees are tasked with introducing real world risks and human errors. Skopos´ task is to detect these risks in a timely matter and report, recommend & track progress. Assurance will be delivered via a secure operational dashboard and monthly executive reporting. The project will run for one year.  

Together with BeiA, Skopos aims to protect the Port of Galati against targeted exploits but also against random attacks, thereby preventing a chain of reaction that could cause serious damage to this highly critical infrastructure.  
 

This project has received funding from the European Union’s Horizon 2020 research and  innovation programme under grant agreement No 101005292.

Interested in Skopos?

Read more

  • Skopos.AI secures critical EU infrastructure with Horizon-2020 funding
    Critical Infrastructure is essential for the proper functioning of society´s economy, health and safety. While many critical infrastructures have implemented cyber security technologies, the issue of cyber risks identification across employees, contractors and service providers still remains a major concern. The EU wants to further bolster the security of critical infrastructure as part of the Horizon2020 scheme. Skopos was selected with their project to improve the security of Critical Infrastructure by identifying information security risks in the supply chain.
  • Skopos Security Course: security headers
    Security headers: welke zijn belangrijk en waarom? Je website heeft beveiliging nodig