TNO and tech companies join forces for further development of automated cybersecurity platform
Together with KPN, Software-as-a-Service (SaaS) company BiZZdesign and software company VMware, TNO has signed an agreement to complete the development of an automated cybersecurity platform and make it ready for the market. Last year, an important step was taken with the development and testing of a working prototype. With this agreement within the ASOP (Automated Security Operations) Consortium, the aim is to further develop the prototype in order to have an interoperable platform that can defend against automated cyber-attacks in place by 2024.
Technology to automate cyber operations
This platform will enable Dutch companies and organizations to automate their cyber operations, taking into account the consequences for business continuity. Making such technology widely available is essential for protecting the Dutch digital economy in the erratic cyber landscape.
Cyber-attacks are becoming more sophisticated as well as increasingly automated. At present, most organizations can hardly keep up with the speed and developments of these digital threats. Human action alone to repel these attacks is therefore no longer sufficient.
Repelling cyber attacks through cooperation
That is why in 2020, with support from the Ministry of Economic Affairs and Climate Policy, the ASOP Consortium was launched with the aim of developing an automated security operations platform within several years in a public-private partnership between Dutch cyber security companies, public organizations and TNO.
The ASOP platform intends to increase the resilience of organizations against cyber-attacks, protecting them in an effective and efficient manner. The platform empowers organizations to perform the analysis of and decision making on cyber threats as part of the organizational risk management process.
On the one hand by supporting an adaptive cybersecurity strategy based on the business impact of attacks. On the other hand by providing a modular and vendor independent platform, enabling organizations to use the best-of-breed cybersecurity solutions.
Automatically averting cyber-attacks; how does it work?
Firstly, innovative machine learning algorithms ensure accurate detection of cyber-attacks in IT infrastructure, with a very low probability of a costly false alarm. After detecting a cyber incident, a decision on the best possible response is made automatically based on combined data streams and the impact on business continuity.
Finally this leads to automatic adjustments in the IT infrastructure to mitigate the impact, without having to temporarily take the functionality offline. This is possible because the architecture and configuration of IT infrastructures are increasingly defined in software rather than hardware.
Halfway through the process
In the current research phase, the goal is to further refine the ASOP platform to communicate with existing security solutions and the different modules from various suppliers. With this, the platform offers an answer to a more diverse spectrum of digital threats.
Together with BiZZdesign, VMware and KPN, the prototype can be further developed and validated based on their environment. After that, the final phase will focus on operationalizing the platform.
The ASOP consortium has tested the prototype of the platform in which the process outlined above has been fully automated, based on a pre-specified scenario. For a detailed explanation, please refer to the recorded webinar of 7 July 2021 on YouTube.
“This prototype means we are taking a big step towards a cloud-based platform for automated security operations”, says Noura el Ouajdi, Sr. Manager Innovative Ecosystems Cyber Security at TNO.
“The platform includes several innovative applications such as a modular and scalable architecture that makes it accessible for current and future cyber security products. Changes or configurations in the IT infrastructure are carried out at machine speed and the platform uses open standards and protocols, which significantly reduces dependence on suppliers. In the near future, this platform will support end users such as government, logistics and healthcare to automatically identify and detect cyber security risks based on the impact these risks have on the organization's business continuity."
“Many public authorities and businesses rely on KPN Security to protect their critical environments. By participating ASOP consortium, KPN Security hopes to offer its customers a relevant addition in the future: taking immediate measures in the event of emergencies based on business criteria instead of just looking at the technology. An important step towards making it possible for the government and the business community to make optimal use of the opportunities offered by digitalisation." – Erno Doorenspleet, CTO KPN Security
“Cyber security management is a complex challenge. Connecting silos and creating multidimensional insight are crucial. As an Enterprise Architecture SaaS leader, we therefore see ASOP as a unique setting to make a distinctive contribution to the platform with our core values – in close cooperation with strong partners – and to further develop our software with new standards and knowledge.” – Hugo Ehrnreich, Chief Executive Officer, BiZZdesign
“VMware is pleased to bring its Multi-Cloud expertise to the ASOP Consortium and the development of an open standards-based platform for automating security operations in the Netherlands and beyond. It’s increasingly obvious that modern cybersecurity is a team sport, and collaborations such as ASOP can only bring greater customer choice.“ - Joe Baguley, VP & CTO EMEA VMware
Ministry of Economic Affairs and Climate Policy
“Public-private cooperation in the field of automated security contributes to the competitiveness of the Netherlands and helps to securely capitalise on the economic and social opportunities of digitalisation.” – Timon Domela Nieuwenhuis Nyegaard, Ministry of Economic Affairs and Climate Policy.
Noura El OuajdiFunctie:Ecosystem lead Consortium for Automated Security Operations
“TNO is a wonderful playground for socially relevant initiatives”. - Noura El Ouajdi is an ecosystem lead for the Consortium for Automated Security Operations (ASOP), which combats sophisticated cyberattacks and other complex security threats.
Daniël WormFunctie:Senior consultant
Erik MeeuwissenFunctie:Senior consultant
Erik Meeuwissen is a senior consultant and leads TNO's Security Monitoring & Detection team. The team has a track record on cyber attack detection in company networks and is broadening its scope to OT. To counter advanced and targeted attacks, anomaly detection is a key ingredient. The team is active in different sectors including government and financials.
Frank FransenFunctie:Senior scientist
Frank Fransen is the lead scientist in the TNO Trusted ICT Cluster focussing on Automated Security and Security Monitoring and Detection. Frank has been working on some major international cybersecurity research projects, such as SOCCRATES and INTERSECT.
Frank PhillipsonFunctie:Senior scientist
Frank Phillipson is senior scientist and professor at Maastricht University in Computational Operations Research, specialized in optimization in telecommunication, energy and logistics networks. Most of our current work is focused on finding new computational techniques for optimization and machine learning using the quantum computer.
Maran van HeeschFunctie:Senior consultant
Maran van Heesch is the portfolio manager for PMC's Quantum Safe Technologies and Practical Algorithms for Quantum Optimization. Maran van Heesch works as a scientific consultant at TNO with a strong focus on applied cryptography, including post-quantum cryptography, quantum cryptography and secure multi-party computation. She works on figuring out use cases for quantum key distribution, possible transition models to post-quantum cryptography for security products and has implemented multi-party computation protocols for various use cases in the financial and healthcare sectors.
Rob KooijFunctie:Senior scientist
Hi, I'm Rob Kooij, I am a senior scientist at the Cyber Security & Robustness department and professor at Delft University of Technology in the field of Network Science. My specialization is robustness and resilience aspects of networks and systems. I am mainly working for the PMC Security Monitoring & Detection, looking at cyber security in the context of critical infrastructures, but I am also interested in applying insights from network science to other domains.
Looking for another expert?View all experts