Automated Security for a secure digital economy
Growing digitalisation is making the Netherlands increasingly susceptible to cyber attacks. These are ever more frequently automated and even carried out at machine speed. To remain digitally resilient now and in the future, the Automated Security Operations (ASOP) consortium offers two innovative solutions for the market.
Why don’t we make more use of automated security?
Our society runs almost entirely on digital processes and systems. Vital sectors are changing their business models and processes under the influence of digitalisation in order to remain competitive. Sectors such as logistics, healthcare, and manufacturing. The downside of this digitalisation is the growing number of cyber attacks. Systems are attacked within seconds, whereas detecting and responding to a security incident can take weeks or months.
A number of threats in the market are hampering cybersecurity solutions:
- IT networks are becoming ever more complex, which increases the workload of security analysts.
- There’s a major shortage of suitable and qualified cybersecurity experts.
- The mix of data is increasing enormously, making manual checking almost impossible.
- There are few opportunities to create an economy of scale.
- The cyber landscape is fragmented due to too many separate solutions and data silos (separately stored collections of data).
- Different systems and languages of cyber products that do not work together sufficiently make it increasingly difficult to respond quickly to a cyber attack.
- Too much help is needed from a fairly small group of hardware, software, digital service and platform providers from a small number of countries.
As a result, we’re creating too few cybersecurity innovations and there’s a lack of firepower and effectiveness. This impedes the development and use of automated security solutions. In automated security, technology controls the security of data and computer systems, and there’s less need for human help.
Shared approach needed
It’s therefore important to invest in shared cybersecurity knowledge. The key to success lies in a comprehensive approach, as well as knowledge and experience that go beyond the IT sector itself. Only through public-private partnerships with business, government, schools, and research organisations can we make the difference.
The ASOP Consortium brings these forces together and focuses on:
- protecting a safe and strong Dutch society
- improving independent knowledge development in the Netherlands
- strengthening the competitiveness of the Dutch cybersecurity sector
ASOP develops first-class technology along two routes
ASOP is a long-term public-private partnership that develops technology of the highest level to automate security operations. And there are testing and development facilities available to align the technology with security issues identified by the market. The ASOP innovations will ultimately be offered to the market as a fully developed solution.
ASOP is developing these automated security solutions along two routes:
1. ASOP Next Generation Security Platform
With the development of a ground-breaking security platform, we’re enabling substantial automation of cybersecurity operations. This cloud platform is modular, scalable, and can be expanded flexibly. Changes or adjustments in the IT network are made at machine speed. The platform also provides tools for automation. These enable special security teams (SOC and CSIRT operations) to work faster and with greater power, and ease the employees’ workload.
The ASOP platform uses open standards and protocols. This ensures that existing and future cybersecurity products will work well together. End users therefore no longer depend on a single supplier.
With this platform, end users can automatically detect, recognise, and respond to cyber risks. Both within the government and sectors such as logistics and healthcare.
The core partners of the ASOP Next Generation Security Platform are BiZZdesign, KPN, VMware, and TNO.
In July 2021, ASOP delivered a first working test version of the ASOP infrastructure. This works in conjunction with an innovative, automated ‘incident response cycle’. A first scenario was developed in the prototype. This involved automated monitoring, detection, and response to an event within a simulated network environment.
Together with our partners, we’ll develop the prototype further in the coming years. This work involves various ‘use cases’: a description of an action between a user and the system. In this way, we’re creating a completely innovative Security Platform that fully meets market requirements.
2. ASOP Development, Test & Deployment Hub (DTD)
Within this community, we focus on matching supply and demand from the market as well as scientific research. On the one hand, we help end users and cybersecurity companies exploit the ASOP innovations developed for the Security Platform. On the other hand, the DTD also supports other parties, such as SMEs. This enables them to develop, test, and implement innovations together in the short term.
The Automated Security Operations (ASOP) consortium was launched in July 2020, with support from the Ministry of Economic Affairs and Climate Policy, the Municipality of The Hague, and the Province of Zuid-Holland. Within a public-private partnership between Dutch cybersecurity companies, public organisations, and TNO, the ASOP consortium aims to become the knowledge centre for automated security operations within 5 years.
We’d like to get in touch with parties with similar ambitions. Together, we’re working to help Europe develop and offer the most innovative and advanced automated security solutions. We warmly invite end users, cybersecurity companies, and managed service providers, as well as research institutions and other partnerships or initiatives in this field to contact Noura el Ouajdi of TNO.
Interested in how we automate security operations?
Download our technical execution programme
Sebastiaan Tesink is senior system engineer at the Cyber Security Technologies department, specialized in (automated) vulnerability research and automated security. He is portfolio manager for the PMC Automated Security, and involved in multiple projects concerning challenges in automation of red and blue teams.
Erik MeeuwissenFunctie:Senior consultant
Erik Meeuwissen is a senior consultant and leads TNO's Security Monitoring & Detection team. The team has a track record on cyber attack detection in company networks and is broadening its scope to OT. To counter advanced and targeted attacks, anomaly detection is a key ingredient. The team is active in different sectors including government and financials.
Frank FransenFunctie:Senior scientist
Frank Fransen is the lead scientist in the TNO Trusted ICT Cluster focussing on Automated Security and Security Monitoring and Detection. Frank has been working on some major international cybersecurity research projects, such as SOCCRATES and INTERSECT.
Noura El OuajdiFunctie:Ecosystem lead Consortium for Automated Security Operations
“TNO is a wonderful playground for socially relevant initiatives”. - Noura El Ouajdi is an ecosystem lead for the Consortium for Automated Security Operations (ASOP), which combats sophisticated cyberattacks and other complex security threats.
Looking for another expert?View all experts
Webinar: explanation of ASOP prototype modulair security platform
With the development of the first prototype modular security platform, we are taking a first step towards enabling automated risk management of cyber security operations for the benefit of strategic organisational objectives.