Launched under European Defence Industrial Development Programme in December 2021, the project “Cyber Rapid Response Toolbox for Defence Use” (CYBER4DE) takes on the challenge to develop an easily deployable, modular, and scalable cyber rapid response toolbox to manage cyber incidents in different complex national and international scenarios. The project also aims to enhance processes and practices of Cyber Rapid Response Teams (CRRTs) under the PESCO framework for a faster uptake of the new tools and for increased effectiveness in the operating domain.
Although fast forming CRRTs initiatives may provide necessary response to the emerging cyber threats, these teams can only operate in common enterprise environments, have limited capabilities for specialized systems, or are dedicated to working only in organizations’ internal networks. Additional capabilities must be developed and made available for such teams ensuring situational awareness and fast information flow from technical to decision-making level and vice versa.
“Rapid response to cyber-attacks is one of the main interests of European Defence as it strongly affects stability in Europe and outside Europe and wealth and safety of the society. CYBER4DE will deliver a proven, production-grade, and ready-to-use toolbox that is secure by design, engineered through a consultative approach to decisively address the most challenging operational environment, and built through the integration of state-of-the-art, mostly open-source software that provides the most advanced capabilities for incident response and crisis management”, – says dr. Tomas Žalandauskas, coordinator of the CYBER4DE project.
The toolbox concept is based on four modules: Workplace, Sensors, Back-office, and Cloud services. They provide specific functionality to manage cyber incidents (detect, investigate, and remedy hostile activities) and are integrated into a highly sophisticated, flexible, and scalable solution that is easily configurable and deployable to meet the specifics of a wide range of deployed cyber crisis operations. To ensure a high modularity and flexibility level, the unified core software and hardware platform are planned together with built-in management, monitoring and security components. State-of-the-art and open technologies, including enhancements provided by Artificial Intelligence solutions, will ensure the toolbox remains effective and upgradable over the years.
The development of the CYBER4DE toolbox will start with an in-depth analysis of the needs and limitations faced by CRRTs. Requirements and specifications derived from the study results and consolidated among the participating Member States will pave the way to create flexible and standardized tools, thus enabling international cooperation and integration with already existing systems. The toolbox and the best-identified processes and practices to confirm the targeted functionality will be brought to the “field” and approved in the qualification exercises with the existing CRRTs.
The project will deliver a fully functioning, ready to be accredited/certified new generation easily deployable cyber toolbox for defence (TRL7 / TRL8) by mid-2024. User manuals and training packages will be provided to ensure rapid and effective uptake by the Member States.
The CYBER4DE industrial consortium combines large enterprises, mid-caps, and SMEs
from Lithuania (Baltic Institute of Advanced Technology (coordinator), NRD Cyber Security), Croatia (Infigo IS, Poslovna Inteligencija), Estonia (Talgen), France (Airbus Cybersecurity SAS, Thales Six GTS), Italy (Leonardo), Poland (Asseco Poland), and Romania (METRA). The project has a duration of 30 months and a budget of approximately € 10 million.