Shared Research Program (SRP) Cyber Security

The aim of the SRP is to improve the prevention and detection of cyber-attacks and the recovery thereafter. We do this by developing innovative technologies and methods based on expertise in the areas of security technologies and methodologies, data analytics, crisis management, behavioural sciences, information services and business analysis.

The SRP involves a multi-year commitment, in which the partners explore four lines of research:

• Monitoring & Response – the aim is to improve the detection of cyber security incidents, and improve the response to incidents once they are detected, through innovation in monitoring and response technologies and processes.
• Controlled Resilience – the aim is to improve organizations’ cyber resilience, through innovation in resilience technologies and processes. Cyber resilience is defined as an organization’s ability to cope with cyber attacks on its infrastructure or electronic services.
• Cyber Intelligence – the aim is to share threat intelligence more effectively, and to use it for the early detection and prevention of cyber attacks.
• Human Factors in cybersecurity - the aim is to research the human factor in cyber security. It involves the human in cyber security situations, and  includes cyber criminals, victims of cybercriminals (e.g., banking employees and customers) and professionals that play a role in tackling cybercrime (e.g., SOC analysts, software developers).

By collaborating with our partners, we are able to ensure the relevance of our research and the valorisation of the expertise we are developing, which in turn will generate economic impact. This collaboration takes places in three areas:

• Collaborative working - project teams of all projects within the program are staffed by TNO and staff members of all participating partners.
• Sharing data - the partners in the program provide (anonymized) real data to evaluate innovative security methods.
• Shared funding - every partner pays a part of the costs of the program and contributes in-kind. The Dutch government contributes to the funding.

The development of innovative technologies and methods will:

• reduce the losses and impact caused by cyber-attacks;
• improve our ability to control cyber security risks;
• increase the extent to which electronic services are used as a result of increased trust.

One of the SRP cybersecurity goals is to share the results with the security community, so the society as a whole will be more resilient against cyber attacks. One of the means to reach this goal is publishing the SRP magazine, which can be downloaded below.

Interested parties from any sector are welcome to join the SRP.

Downloadable results of the SRP cybersecurity

The SRP cybersecurity is featured (in Dutch language) in the magazine of the Dutch cyber security association 'Platform voor Informatie beveiliging (PvIB)', issue 2 of 2020. More than two years ago, in issue 5 of 2017, we introduced the SRP cybersecurity in this magazine. In the new article we provide an update of the current SRP status and highlight three of the project results:

• The cyber behavior of banking employees
• Self-healing security
• Threat Landscaping

The article featuring the SRP can be downloaded here. The full magazine can be downloaded at the PvIB website. This full magazine is accessible only for members of the PvIB, for a period of two months after publication, it will be publicly accessible when the following issue is published.

SRP magazine 2019

Some of the results that were achieved during the years 2017-2019 are bundled in a magazine that we have published both as on-line pdf and as printed material. It is the second edition of this magazine, the first edition was published in 2017. This magazine serves two purposes:

• To share our experience that cooperation in a Shared Research Program adds value for every participant;
• To share some of the results that have been achieved in this Program in the previous two years.

We hope these experiences and results again will offer you some fresh perspectives on cyber security innovation, which we believe is essential to maintain a robust and safe society.

White paper Quantifying risks

This white paper describes a traceable quantitative risk management approach, that uses current information that is available to quantify risks. This also leads to a near real-time risk process, when available information is processed and the risks are automatically updated. The methodology is based on potential attacks rather than assets. The methodology was evaluated against some real-life use cases and in the risk departments of banks. In this white paper we share these experiences.

SRP magazine 2017

The first edition of the SRP magazine contains some of the results achieved during 2014-2017.

Cyber resilience metrics

To decide in which (additional) security measures to invest, there is a need to measure and quantify the state of cyber resilience. Traditional security metrics offer limited insight into the actual performance of cyber resilience provisions, therefore the SRP defined a meaningful framework of cyber resilience metrics. The result of this work was compiled in a booklet to share the framework of cyber resilience metrics with other organisations that seek quantitative appraisal of their cyber security capabilities.