SecurSentry: AI-Driven SIEM
The digitization of small and medium-sized enterprises (SMEs) has become an essential process for the advancement of their businesses. Most Spanish SMEs have a website, and one in three offers online sales options. More than half also use digital financial management and accounting applications for their businesses. The forecast investments will strengthen the solutions implemented so far and help SMEs continue their digital transformation, but they will also increase the area exposed to cyberattacks. This increased risk of cyberattacks is often not accompanied by a corresponding investment in cybersecurity. Cybersecurity is precisely the least developed area of digitization: one in three SMEs currently has cybersecurity measures in place, and only half intend to invest in this area.
Start date: July 2023
End date: June 2026
Budget: 598.200,00 €
INCIBE contribution: 550.344,00 €
USAL contribution: 47.856,00 €
Call 2. Pre-commercial Public Procurement CPP002/22.
Objectives
The main objective of the SecurSentry: AI-Driven SIEM project is to develop a solution adapted to SMEs that centralizes an organization's data, correlates it and analyzes it in real time using artificial intelligence (AI) in search of threats. Objectives:
- This area covers system analysis and design tasks.
- This area includes tasks to develop the software needed to cover the described use cases and defined requirements and to achieve the planned functionalities.
- This area includes tasks related to the verification and validation of project stages and work packages.
- This area will include tasks related to the delivery of a final version once the development, integration and testing phases are complete, and dissemination activities.
Methodology
SecurSentry: AI-Driven SIEM is structured in 3 sequential stages, as indicated by the CPI offer:
- Detail engineering
- Prototype development
- Demonstration in operational environment
The project is divided into 4 Work Packages (WPs). To ensure the success of the project, the Action-Research methodology, which is beneficial for transfer and innovation, will be followed, allowing research tasks and development actions to be carried out simultaneously. The methodology has 4 characteristics: action orientation and change; approach to the problem; organizational process with systematic stages; and collaboration among participants.
Results
The result will be a prototype of the system whose functionalities will be demonstrated in 4 verticals (Security Operations Centers) of 6 different representative users, thus reaching TRL8. End users will participate in the specification of functional and technical requirements, and the following standards will be followed in the project to ensure quality, to create a system that complies with the required cybersecurity requirements, and to implement AI components based on the European Commission's ethical guidelines for Trustworthy AI: ISO/IEC 25030:2007 (software quality requirements), ISO/IEC 27032:2012 (guidelines for cybersecurity) and ISO/IEC 24028:2020 (trustworthiness in AI).
The final result of the project will be a complete software package with a licensed installation and activation management system.
Final users: