Periodic Reporting for period 2 - GEIGER (Geiger Cybersecurity Counter)
Période du rapport: 2021-06-01 au 2022-11-30
All the components of the GEIGER platform have been successfully completed and integrated. In the last project months, we have continued to improve security and performance. Components such as the GEIGER Indicator, the Cloud and the Toolbox, incorporated data structures that allow them to simplify the GEIGER user journeys and the development interfaces were improved to be able to interconnect more tools in the future and thus increase the capabilities/extendibility of the GEIGER platform.
GEIGER Educational Ecosystem
The GEIGER curriculum that aims at technical and topical interoperability was fully developed. It includes three learning levels and six threat-based categories, in addition to two further categories on GEIGER-specific usage and communication about GEIGER and cybersecurity, which is also the base for the educational data exchange within the GEIGER toolbox. For this, syllabi were developed for three different target groups of the use cases Several self-regulated and synchronous learning materials adapted for the use case-specific target groups were developed and have been partially integrated into the toolbox. These materials were then tested during the GEIGER ‘Use Cases’. An online-based community platform was developed that serves as an exchange network for CSDs and Education Providers and in relation with to communities with external members . The online platform further serves as a lean access structure to a broad set of learning features and common learning materials, with a special focus on game-based learning. Proof of concept for a feasible certification and assessment scheme for GEIGER Certified Security Defenders was achieved and was implemented within the use cases based on the respective target-group specific certification schemes of the individual use cases.
Dissemination & Exploitation
Dissemination, standardisation and exploitation aimed at supporting the development of a solution for small businesses to improve their level of cybersecurity, data protection, and privacy, and bringing it to the awareness of the target market, thus contributing to the reduction of economic damage caused by harmful cyber-attacks, privacy incidents and data protection breaches, and to paving the way for a trustworthy EU digital environment benefitting all economic and social actors. To reach this impact, WP5 adopted a multidimensional strategy for its dissemination, standardisation, and exploitation activities. The core of it was to 1) build communities around the solutions to cybersecurity challenges that micro and small enterprises (MSEs) experience, and encourage a low-threshold adoption of the tools to address of these challenges; 2) harmonise the GEIGER technical framework and an education programme with third parties through standardisation; 3) contribute to the policy development with recommendations and dialogue; and to 4) establish a spin-off to assure the full exploitation of the project results.
GEIGER laid the foundations to make MSEs better protected and become active players in the Digital Single Market, including implementing the Network and Information Security (NIS) directive3 and the application of GDPR by focussing on the ‘human factor’ with the help of the GEIGER tool. Furthermore, through the various educational features and tools, the GEIGER user community is enabled to become active users of the protection of their infrastructure and not just consumers of a product that promises to protect them.
Shared Responsibility of Security, Privacy, and Data Protection
GEIGER has contributed strengthening security, privacy, and personal data protection as shared responsibility along with all layers in the digital economy, including MSEs. The specified GEIGER ecosystem is grounded on the results of comprehensive elicitation with diverse stakeholders. Improving the situation of SMEs & MEs concerning the protection against cyber-threats and compliance with GDPR allows them better to integrate the business processes into the overall digital economy even if their goods and/or services are not directly IT-related.
Trustworthy EU Digital Environment
GEIGER contributed to pave the way for a trustworthy EU digital environment benefitting all economic and social actors. GEIGER significantly reduces the risk that owners and members of MSEs entering the digital era have due to their lack of cybersecurity knowledge. The GEIGER ecosystem, which takes a shared responsibility approach for protecting MSEs in any domain. Responsibility is shared among MSE associations, trained individuals, educators, certifiers, tool vendors, CERTs/CSIRTs, third-party data sources, and security experts. Thus, diverse economic and social actors contribute to and benefit from a trustworthy EU digital environment.
Diffusion of Security and Data Privacy Knowledge
GEIGER contributed to the diffusion of security and data privacy knowledge within the European industry incl. MSEs. The project team described cybersecurity educator and learner profiles and, in collaboration with the education work, derived requirements for the GEIGER Education Ecosystem for spreading security and privacy knowledge applicable for MSEs in the European industry.