We focus on ten societal areas.
TNO cooperates with companies, the public sector and other organisations, to apply our knowledge and expertise with and for others.
We develop knowledge not for its own sake, but for practical application.
TNO offers you the chance to do groundbreaking work and help customers and society with innovative, practical and smart solutions.
On TNO Insights you can read in-depth interviews and articles. Get inspired by TNO’s innovations!
The Shared Research Program (SRP) Cyber Security is a research and innovation program in which TNO and its partners are cooperating with the aim to improve cyber security, by means of innovation in technologies and processes. Current partners are TNO, ABN AMRO, Rabobank, ING, Achmea and de Volksbank.
The aim of the SRP is to improve the prevention and detection of cyber-attacks and the recovery thereafter. We do this by developing innovative technologies and methods based on expertise in the areas of security technologies and methodologies, data analytics, crisis management, behavioural sciences, information services and business analysis.
The SRP involves a multi-year commitment, in which the partners explore four lines of research:
By collaborating with our partners, we are able to ensure the relevance of our research and the valorisation of the expertise we are developing, which in turn will generate economic impact. This collaboration takes places in three areas:
The development of innovative technologies and methods will:
One of the SRP cybersecurity goals is to share the results with the security community, so the society as a whole will be more resilient against cyber attacks. One of the means to reach this goal is publishing the SRP magazine, which can be downloaded below.
Interested parties from any sector are welcome to join the SRP.
Below are the publishable results in reporting format that can be downloaded from the SRP website. For other results (such as methodology, software), please contact us.
We hope these experiences and results again will offer you some fresh perspectives on cyber security innovation, which we believe is essential to maintain a robust and safe society.
This white paper describes a traceable quantitative risk management approach, that uses current information that is available to quantify risks. This also leads to a near real-time risk process, when available information is processed and the risks are automatically updated. The methodology is based on potential attacks rather than assets. The methodology was evaluated against some real-life use cases and in the risk departments of banks. In this white paper we share these experiences.
The first edition of the SRP magazine contains some of the results achieved during 2014-2017.
To decide in which (additional) security measures to invest, there is a need to measure and quantify the state of cyber resilience. Traditional security metrics offer limited insight into the actual performance of cyber resilience provisions, therefore the SRP defined a meaningful framework of cyber resilience metrics. The result of this work was compiled in a booklet to share the framework of cyber resilience metrics with other organisations that seek quantitative appraisal of their cyber security capabilities.