Shared Research Program (SRP) Cyber Security

The aim of the SRP is to improve the prevention and detection of cyber-attacks and the recovery thereafter. We do this by developing innovative technologies and methods based on expertise in the areas of security technologies and methodologies, data analytics, crisis management, behavioural sciences, information services and business analysis.

The SRP involves a multi-year commitment, in which the partners explore four lines of research:

• Monitoring & Response – the aim is to improve the detection of cyber security incidents, and improve the response to incidents once they are detected, through innovation in monitoring and response technologies and processes.
• Controlled Resilience – the aim is to improve organizations’ cyber resilience, through innovation in resilience technologies and processes. Cyber resilience is defined as an organization’s ability to cope with cyber attacks on its infrastructure or electronic services.
• Cyber Intelligence – the aim is to share threat intelligence more effectively, and to use it for the early detection and prevention of cyber attacks.
• Human Factors in cybersecurity - the aim is to research the human factor in cyber security. It involves the human in cyber security situations, and  includes cyber criminals, victims of cybercriminals (e.g., banking employees and customers) and professionals that play a role in tackling cybercrime (e.g., SOC analysts, software developers).

By collaborating with our partners, we are able to ensure the relevance of our research and the valorisation of the expertise we are developing, which in turn will generate economic impact. This collaboration takes places in three areas:

• Collaborative working - project teams of all projects within the program are staffed by TNO and staff members of all participating partners.
• Sharing data - the partners in the program provide (anonymized) real data to evaluate innovative security methods.
• Shared funding - every partner pays a part of the costs of the program and contributes in-kind. The Dutch government contributes to the funding.

The development of innovative technologies and methods will:

• reduce the losses and impact caused by cyber-attacks;
• improve our ability to control cyber security risks;
• increase the extent to which electronic services are used as a result of increased trust.

One of the SRP cybersecurity goals is to share the results with the security community, so the society as a whole will be more resilient against cyber attacks. One of the means to reach this goal is publishing the SRP magazine, which can be downloaded below.

Interested parties from any sector are welcome to join the SRP.

Measuring the state of resilience

Financial Institutions have invested heavily in provisions that ensure an appropriate level of cyber resilience. But what is true cyber resilience and to which extent are current measures achieving it? And equally important: which capabilities or working areas require improvement and which effects can be expected from specific further investments (e.g. acquisition of a technical security solution or specific specialist training)?
Compelling questions such as these evoked a strong desire among financial institutions to measure and quantify the state of cyber resilience within their organizations. Since it was felt that traditional security metrics offer limited insight into the actual performance of cyber resilience provisions, an initiative was launched to jointly define a meaningful framework of cyber resilience metrics. The result of this work was compiled in a booklet to share the framework of cyber resilience metrics with other organisations that seek quantitative appraisal of their cyber security capabilities. The booklet is available here.