WISER delivers a cyber-risk management framework able to assess, monitor and mitigate the risks in real time, in multiple industries. WISER incorporates socio-economic impact aspects, building on current state of the art methodologies and tools, and leveraging best practices from multiple industries and international initiatives (e.g: NIS).
WISER aims at implementing an impressive series of 9 short experiments, in the form of Early Assessment Pilots (EAPs) to test the resilience of different risk management frameworks (taken from different industries and intended broadly) with regards to both traditional and advanced cybersecurity threats. The EAPs allow taking elements that work best in cybersecurity risk management from different frameworks, to then build and implement an advanced risk management system that will be tested & validated in 3 Full- Scale Pilots (FSPs) – with different, high-impact instantiations in the financial services and insurance industry and in the energy field – to demonstrate market acceptance, as well as scalability of a risk management framework for cybersecurity.
The WISER framework will ensure cyber risk management becomes an integral part to good business practice in both critical infrastructure & process owners and ICT-intensive SMEs by offering two delivery modes: a pre-packaged solution for addressing basic cyber risk management needs (i.e. SMEs), and a Risk Platform as a Service (RPaaS) mode of operation of the platform, intended for critical infrastructures or highly complex cyber systems requiring the implementation of special controls within the ICT system to be monitored. Ultimately, WISER implements on-demand service composition and ignites innovative assurance models, also from the point of view of premiums determination targeting. Significant outcomes of the project are also the RPaaS business model, the community of end-users, and the multi-industry synergy & standardization strategy.
XLAB's role within the project is to provide know-how and technology to integrate technological advancements related to monitoring and mitigation of IT platforms for cyber risk management in real-time. Additionally, we will provide technology for secure scalable storage warehouse within cloud infrastructure. Moreover, our interest in the project’s result is the platform that is capable to be seamlessly integrated within our existing applications capturing metrics from the external sources (SmartGrids, existing monitoring infrastructure for physical resources, etc.) and providing mechanism for executive decisions regarding security infrastructure. Since we are also aiming at adopting security standards related to Security Risk Frameworks (ISO 27001), this would help us enormously with the adoption.