TNO and tech companies join forces for further development of automated cybersecurity platform
Together with KPN, Software-as-a-Service (SaaS) company BiZZdesign and software company VMware, TNO has signed an agreement to complete the development of an automated cybersecurity platform and make it ready for the market. Last year, an important step was taken with the development and testing of a working prototype. With this agreement within the ASOP (Automated Security Operations) Consortium, the aim is to further develop the prototype in order to have an interoperable platform that can defend against automated cyber-attacks in place by 2024.
Technology to automate cyber operations
This platform will enable Dutch companies and organizations to automate their cyber operations, taking into account the consequences for business continuity. Making such technology widely available is essential for protecting the Dutch digital economy in the erratic cyber landscape.
Cyber-attacks are becoming more sophisticated as well as increasingly automated. At present, most organizations can hardly keep up with the speed and developments of these digital threats. Human action alone to repel these attacks is therefore no longer sufficient.
Repelling cyber attacks through cooperation
That is why in 2020, with support from the Ministry of Economic Affairs and Climate Policy, the ASOP Consortium was launched with the aim of developing an automated security operations platform within several years in a public-private partnership between Dutch cyber security companies, public organizations and TNO.
The ASOP platform intends to increase the resilience of organizations against cyber-attacks, protecting them in an effective and efficient manner. The platform empowers organizations to perform the analysis of and decision making on cyber threats as part of the organizational risk management process.
On the one hand by supporting an adaptive cybersecurity strategy based on the business impact of attacks. On the other hand by providing a modular and vendor independent platform, enabling organizations to use the best-of-breed cybersecurity solutions.
Automatically averting cyber-attacks; how does it work?
Firstly, innovative machine learning algorithms ensure accurate detection of cyber-attacks in IT infrastructure, with a very low probability of a costly false alarm. After detecting a cyber incident, a decision on the best possible response is made automatically based on combined data streams and the impact on business continuity.
Finally this leads to automatic adjustments in the IT infrastructure to mitigate the impact, without having to temporarily take the functionality offline. This is possible because the architecture and configuration of IT infrastructures are increasingly defined in software rather than hardware.
Halfway through the process
In the current research phase, the goal is to further refine the ASOP platform to communicate with existing security solutions and the different modules from various suppliers. With this, the platform offers an answer to a more diverse spectrum of digital threats.
Together with BiZZdesign, VMware and KPN, the prototype can be further developed and validated based on their environment. After that, the final phase will focus on operationalizing the platform.
The ASOP consortium has tested the prototype of the platform in which the process outlined above has been fully automated, based on a pre-specified scenario. For a detailed explanation, please refer to the recorded webinar of 7 July 2021 on YouTube.
“This prototype means we are taking a big step towards a cloud-based platform for automated security operations”, says Noura el Ouajdi, Sr. Manager Innovative Ecosystems Cyber Security at TNO.
“The platform includes several innovative applications such as a modular and scalable architecture that makes it accessible for current and future cyber security products. Changes or configurations in the IT infrastructure are carried out at machine speed and the platform uses open standards and protocols, which significantly reduces dependence on suppliers. In the near future, this platform will support end users such as government, logistics and healthcare to automatically identify and detect cyber security risks based on the impact these risks have on the organization's business continuity."
“Many public authorities and businesses rely on KPN Security to protect their critical environments. By participating ASOP consortium, KPN Security hopes to offer its customers a relevant addition in the future: taking immediate measures in the event of emergencies based on business criteria instead of just looking at the technology. An important step towards making it possible for the government and the business community to make optimal use of the opportunities offered by digitalisation." – Erno Doorenspleet, CTO KPN Security
“Cyber security management is a complex challenge. Connecting silos and creating multidimensional insight are crucial. As an Enterprise Architecture SaaS leader, we therefore see ASOP as a unique setting to make a distinctive contribution to the platform with our core values – in close cooperation with strong partners – and to further develop our software with new standards and knowledge.” – Hugo Ehrnreich, Chief Executive Officer, BiZZdesign
“VMware is pleased to bring its Multi-Cloud expertise to the ASOP Consortium and the development of an open standards-based platform for automating security operations in the Netherlands and beyond. It’s increasingly obvious that modern cybersecurity is a team sport, and collaborations such as ASOP can only bring greater customer choice.“ - Joe Baguley, VP & CTO EMEA VMware
Ministry of Economic Affairs and Climate Policy
“Public-private cooperation in the field of automated security contributes to the competitiveness of the Netherlands and helps to securely capitalise on the economic and social opportunities of digitalisation.” – Timon Domela Nieuwenhuis Nyegaard, Ministry of Economic Affairs and Climate Policy.
Noura El OuajdiFunctie:Ecosystem lead Consortium for Automated Security Operations
“TNO is a wonderful playground for socially relevant initiatives”. - Noura El Ouajdi is an ecosystem lead for the Consortium for Automated Security Operations (ASOP), which combats sophisticated cyberattacks and other complex security threats.
Daniël WormFunctie:Senior consultant
Dimitri HehanussaFunctie:Business Development Manager
Dimitri Hehanussa is responsible for the portfolio of Trusted ICT. Dimitri gained his experience in business development and roadmap development in the telecom, internet and cybersecurity sector and is founder of a TNO spin-off company. Together with his colleagues Dimitri develops TNO's knowledge and technology roadmap for cybersecurity challenges and in the field of quantum computing applications from a commercial perspective.
Erik MeeuwissenFunctie:Senior consultant
Erik Meeuwissen is a senior consultant and leads TNO's Security Monitoring & Detection team. The team has a track record on cyber attack detection in company networks and is broadening its scope to OT. To counter advanced and targeted attacks, anomaly detection is a key ingredient. The team is active in different sectors including government and financials.
Frank FransenFunctie:Senior scientist
Frank Fransen is the lead scientist in the TNO Trusted ICT Cluster focussing on Automated Security and Security Monitoring and Detection. Frank has been working on some major international cybersecurity research projects, such as SOCCRATES and INTERSECT.
Frank PhillipsonFunctie:Professor – optimisation and quantum algorithms
Frank Phillipson is senior scientist and professor at Maastricht University in Computational Operations Research, specialized in optimization in telecommunication, energy and logistics networks. Most of our current work is focused on finding new computational techniques for optimization and machine learning using the quantum computer.
Freek BomhofFunctie:Senior Consultant
Freek Bomhof is senior consultant in the Data Science group, focusing on applications of responsible AI, mostly for the Safety & Security sector. He is one of the driving forces behind the National Innovation Center for Privacy Enhancing Technologies, and he is also board member of the Big Data Value Association.
Jean-Louis RosoFunctie:Senior Business Development Manager
Jean-Louis Roso is a senior business development manager where he is responisble for helping the Dutch Government by indicating where new technologies can help the Dutch Government in fullfilling their tasks towards civilians and businesses. As an independant research organisation we do so by setting up proof of concepts and/or pilots with these new technologies based on scientific research.
Maran van HeeschFunctie:Senior consultant
Maran van Heesch is the portfolio manager for PMC's Quantum Safe Technologies and Practical Algorithms for Quantum Optimization. Maran van Heesch works as a scientific consultant at TNO with a strong focus on applied cryptography, including post-quantum cryptography, quantum cryptography and secure multi-party computation. She works on figuring out use cases for quantum key distribution, possible transition models to post-quantum cryptography for security products and has implemented multi-party computation protocols for various use cases in the financial and healthcare sectors.
Mark BuninghFunctie:Senior Business Developer
A decentralised design on the basis of Zero Trust offers significant advantages over tradional or siloed security approaches. It clarifies the underlying architectures, while processes remain transparent, and responsibilities straightforward. For more information on this topic, feel free to reach out to me or one of my colleagues.
Looking for another expert?View all experts
Let yourself be inspired
Cyber security challenges and innovations
Which cyber security challenges will the Netherlands face now and in the (near) future? TNO is working on the technologies and innovations of today ánd tomorrow.
Quantum computer is a threat to data protection
Quantum technology offers opportunities for societal. At the same time, it is a threat to our cyber security.
Applied Cryptography & Quantum Algorithms
The Applied Cryptography & Quantum Algorithms expertise group aims for quantum-safe society, secure data sharing and privacy enhancement in the quantum age.
Automated Security for a secure digital economy
Automated Security is necessary to ward off cyber attacks in time. Together with partners, we’re developing two cybersecurity solutions for the market.
Quantum computing: how can it serve your organisation?
Solving problems in real time with quantum computing applications? The huge computing power provides opportunities for AI, optimisation, and materials science.