Our planned research in the field of cybersecurity currently focuses on real-time vulnerability detection and management. The cornerstone of cybersecurity is the ongoing assessment of emerging information regarding to the threat to the given IT systems. The solutions currently supporting the collection and analysis of security information on the systems and their components to be protected are often difficult to implement due to their multiplicity, the complexity of the incoming data and to the amount of resources required for analysis.
Furthermore, a major redesign and modification of the operation of the examined system as well as the integration of additional components may be required, thus the security parameters of the given system can be easily modified, i.e. they are not immune to intrusion.
The research will examine how the criteria of information security can be specified during the lifecycle of critical information infrastructures as well as what methodology and automated toolkit can be used to ensure that the architecture meets these criteria. In addition, we will also analyse how the available internal and external data sources can be utilized in the case of already deployed critical information infrastructures in order to define the dynamic risk level of the system as accurate as possible, and to identify the priority risk factors with as little human intervention as possible.
In the present phase of our research, we focus on the evaluative review of the available data sources, the identification of opportunities for linking with domestic research initiatives and the examination of international results. A security model enabling the automatic risk assessment model is being developed.
In addition to the research topics described above, the Special Service for National Security continues to launch further research projects on (cyber)security as set out in its plans.
