Health care is an essential service that uses a great deal of sensitive personal data which has a high black market value being a lucrative target for data theft and ransomware attacks.The EU NIS Directive (EU 2016/1148) and GDPR (EU 2016/679) will harmonize and improve information security in Europe. Both require relevant ICT infrastructure operators to perform risk assessments, introduce appropriate security measures to manage identified risks, and report security breaches. Unfortunately, risk-based approaches are notoriously difficult to implement in a consistent and comprehensive fashion. They depend on a high level of understanding of both cybersecurity and of the system or network to be protected, are labour intensive and costly and typically done by small teams. This is increasingly inappropriate as health care providers introduce IoT systems, cloud services and (in the near future) 5G networks to provide services in which patients are more engaged, may own some of the devices used, and want access in hospitals, on the move or at home. The ProTego project will develop a toolkit and guidelines to help health care systems users address cybersecurity risks in this new environment by introducing 3 main advances over current approaches: Extensive use of machine intelligence: a combination of machine inference exploiting a priory knowledge for security-by-design, and machine learning from data for run-time threat detection and diagnosis; Advanced data protection measures: advanced encryption techniques and hardware based full memory encryption, and multi-stakeholder IAM to control access to and by user devices, to protect data at rest and provide ultra-secure data exchange portals; Innovative protocols for stakeholder education: using security-by-design analysis to target training and support stakeholders to contribute to networok overall security.The toolkit will be integrated and validated in IoT and BYOD-based case studies at two hospitals.

CyberKit4SME aims to democratize a kit of cyber security tools and methods enabling SMEs/MEs to: Increase awareness of cybersecurity risks, vulnerabilities and attacks; Monitor and forecast risks; Manage risks using organisational, human and technical security measures with greater confidence; and Collaborate and share information in a collective security and data protection effort. Tools developed in the project are: Semi-automated ISO 27005 threat identification and risk mitigation analysis, using a knowledge base of technical and human/organisational risk factors; Encryption and isolation tools to protect data being stored, processed or exchanged; Security information and event management, using multiple data sources for threat detection and diagnosis, Blockchain tools for SMEs/MEs to share intelligence and incident reports with supply chain partners and with CERTs. CyberKit4SME will make its tools cheaper and more usable by SME/ME, by 1) Exploiting synergies between tools in the kit to simplify the use of each; 2) Sharing information to increase the data available for threat detection and diagnosis at each SME/ME; 3) Embedding intelligence (e.g. machine reasoning and data analytics), to fill gaps in inputs and automate tasks such as risk analysis and security configuration. The project will also use its tools and cyber range demos to train SMEs/MEs to identify their top threats and recognise and address them with greater confidence. Results will be validated by SME/ME in four critical sectors: Finance, Health Care, Energy and Transport. Outcomes include reducing the time/cost of cyber security awareness and protection, simplifying meeting and demonstrating compliance with NIS Directive and GDPR, protecting distributed assets from cloud services to edge devices, and engaging in secure supply chains with larger organisations. The project will also collaborate with related research projects and disseminate widely in the scientific community and in SME networks.