Research Methodology and Outcome Stakeholders Collaboration Scientists / Practitioners / Consumers Scientific Evidence Explicit Knowledge Consumers Humanist Knowledge Practitioners’ Expertise Tacit Knowledge T r i a d o f E v i d e n c e - B a s e d P r a c t i c e S t a k e h o l d e r C a t e g o r i z a t i o n Applied Cyber Security Metrics Analysis Database of cyber security indicators and metrics: blacklists, cyber attack measurements, profitability metrics, investment efficiency metrics. Regulation Focused Comparative Analysis Assess the effectiveness of industry standards and regulations - provide a set of recommendations. Compare/develop business models to address and mitigate the effects of cyber crime. Cost benefit comparative analysis of cyber security solutions/products. Data Mining, Data Processing and Automated Analysis Automated Analysis framework using openly available information sources: privacy/security discussion forums and blogs, incident reporting web pages, bug bounties discussions and reward announcements, public police reports, Deep Web. Build a methodological framework that will rely on big data gathering, storing, processing, correlating, and organizing these massive information sources. Estimate the economic impact by developing revenue models for criminal activities. Economic and Behavioral Theoretic Analysis Cyber security information sharing in the investment behavior. Quantitative analysis, relating technical and behavioral variables, to identify network conditions indicative of cyber threats. Analysis of economic factors shaping the conditions for competition and profitability in the security industry. Cost benefit analysis of cyber security methodologies.

Stakeholders Collaboration Research Methodology and ......Project Coordinator: Dr. Stelios C. A. Thomopoulos [email protected] Institute Director & Director of Research Head of

  • Upload

  • View

  • Download

Embed Size (px)

Citation preview

  • Research Methodology and OutcomeStakeholders Collaboration

    Scientists / Practitioners / Consumers

    Scientific Evidence

    Explicit Knowledge


    Humanist Knowledge

    Practitioners’ Expertise

    Tacit Knowledge


    d of

    Evidence-Based Practice

    Stakeholder Categoriz



    Applied Cyber Security Metrics Analysis

    Database of cyber security indicators and metrics: blacklists, cyber attack measurements, profitability metrics, investment efficiency metrics.

    Regulation Focused Comparative Analysis

    Assess the effectiveness of industry standards and regulations - provide a set of recommendations. Compare/develop business models to address and mitigate the effects of cyber crime.Cost benefit comparative analysis of cyber security solutions/products.

    Data Mining, Data Processing and Automated Analysis

    Automated Analysis framework using openly available information sources: privacy/security discussion forums and blogs, incident reporting web pages, bug bounties discussions and reward announcements, public police reports, Deep Web.Build a methodological framework that will rely on big data gathering, storing, processing, correlating, and organizing these massive information sources.Estimate the economic impact by developing revenue models for criminal activities.

    Economic and Behavioral Theoretic Analysis

    Cyber security information sharing in the investment behavior.Quantitative analysis, relating technical and behavioral variables, to identify network conditions indicative of cyber threats.Analysis of economic factors shaping the conditions for competition and profitability in the security industry.Cost benefit analysis of cyber security methodologies.

  • Establish a complete set of metrics for cyber security economic analysis, cyber security and cyber crime market.

    Develop new economic models for the reduction of cyber crime as a cost benefit operation.

    Estimate and evaluate the associated benefits and costs of information sharing regarding cyber attacks.

    Define the limits of the minimum needed privacy and security level of internet applications, services and technologies.

    Identify potential benefits and costs of investing in cyber security industry as a provider of cyber security services.

    Develop a framework of automated analysis, for behavioral, social analysis, cyber security risk and cost assessment.

    Provide a set of recommendations to all relevant stakeholders including policy makers, regulators, law enforcement agencies, relevant market operators and insurance companies.


    Improved social, institutional and economic comprehension of cyber security failures.

    Improved decision making, governance and investments by stakeholders (policy makers, regulators, law enforcement agencies, market operators and insurance companies).

    Provision of new models, taking into account cyber security economics, risks, social and market aspects, for improving societal resilience to cyber security risks.

    Facilitating information dissemination and sharing.

    Provide a set of recommendations to fight cyber crime through a systemic approach.

    Expected Impact

    Systemic Analyser in Network Threats

    SAINT project aims to investigate the economics of cyber crime & cyber security

    SAINT is a 24-month project, funded by the European Commission (Horizon 2020 program) under the grant agreement No: 740829, coordinated by the National Center for Scientific Research “DEMOKRITOS".


    National Center for Scientific Research “Demokritos” (GR), Technology Institute and Press "Diophantus" (GR), Center For Security Studies (GR), Universite du Luxembourg (LU), INCITES Consulting SARL (LU), Mandat International (CH),

    Archimede Solutions SARL (CH), Stichting CyberDefcon Netherlands Foundation (NL), Montimage EURL (FR).

    Project Coordinator: Dr. Stelios C. A. [email protected]

    Institute Director & Director of ResearchHead of Integrated Systems Laboratory

    Integrated Systems LaboratoryInstitute of Informatics & Telecommunications

    National Center for Scientific Research “DEMOKRITOS"




    This work is performed within the SAINT Project (Systemic Analyser in Network Threats), with the support of the European Commission and the Horizon 2020 Program, under Grant Agreement No 740829

    Budget: 1.998.700 €Duration: 2 years (May 1, 2017 – April 30, 2019)

    Contract No: 740829