The protection of Critical Infrastructure (CI) increasingly demands solutions which support incident detection and management at the levels of individual CI, across CIs which are depending on each other, and across borders.
An approach is required which really integrates functionalities across all these levels. Cooperation of privately operated CIs and public bodies (governments and EU) is difficult but mandatory.
The mission of ECOSSIAN is to improve the detection and management of highly sophisticated cyber security incidents of and attacks against critical infrastructures by implementing a pan-European early warning and situational awareness framework with command and control facilities.
The ECOSSIAN project aims to:
- Establish and enhance a security-state awareness to support operators of CI by implementing an Operator Security Operation Centre (O-SOC);
- Combine O-SOCs of Member States’ identified and designated CI in a National Security Operation Centre (N-SOC);
- Improve the effectiveness of decision-making and incident response capabilities in Member States through real-time situational awareness, information sharing and command & control opportunities;
- Support a pan-European early-warning entity through the connection of Member States N-SOC to a European Security Operation Centre (E-SOC), including the required interoperability standards;
- Enable consistent and collaborative cross-border and cross-sectorial incident management for CI by utilizing E-SOC capabilities;
- Build trusted relationships and engage the CI operators at the EU level;Ensure trustworthiness, anonymity, privacy and legality of action for all stakeholders and end users as necessary;Perform a full-scale demonstration of the implemented ECOSSIAN framework and system; and
- Build an entry point for EU-US collaborative information sharing efforts in cyber defense to create readiness to react on a global basis.