SecBCM – Secure and Resilient Business Continuity Management of Critical Operations (SecBCM)


Main funder

Funder's project number: 3070/31/2024


Funds granted by main funder (€)

  • 60 000,00


Funding program


Project timetable

Project start date: 01/10/2024

Project end date: 31/03/2025


Summary

The path from threat to exploitation is becoming faster: for example, the time from a vulnerability notification to a commonly available exploitation method is mostly less than a week. The escalation time from the initial attack to the beginning of, e.g., data exfiltration or encryption is in many cases counted in seconds. The malicious cycle is fast, and there is a need to perceive emerging threats at a very early phase, before adversaries take any concrete malicious action or even before malicious actors see a chance for exploitation. Therefore, our aim is to design an initial infection investigation (I3) system that offers input to prevailing security operations, such as security operations centers (SOC), and their input sources, such as SIEM, Threat Intelligence and Log Collection, among others. The I3 system collects information from various sources on the Internet, including both the surface and dark web, as well as from the physical world and institutions. It combines the collected signals to identify possible new threats by searching for correlations and causal relations with, e.g., neuro-fuzzy tools. The University of Jyväskylä focuses on identifying the signal sources and the available tools for emerging threat recognition. Other project partners also contribute to signal source identification and evaluate the required skills, mix of expertise and amount of work needed to build automated abilities to recognize new threats. They also evaluate how well the prevailing security arrangements and operations can adapt to different kinds of signals as signs of threat. Six Finnish companies collaborate and support JYU’s work in the project.


Principal Investigator


Other persons related to this project (JYU)

Contact person (yes/no): Yes


Primary responsible unit


Follow-up groups

Profiling area: Cyber security (University of Jyväskylä JYU)


Last updated on 2024-09-10 at 02:41