Digital technologies driving an increasingly connected world of people, organisations and things, guarantee a lucrative future for cyber-security companies and may end up to a nightmare for businesses and especially the small ones. According to Symantec 60% of targeted attacks in 2015 aimed at small businesses, while the company ‘discovered more than 430 million new unique pieces of malware’. According to one FireEye claim 77% of all cyber-crimes target SMEs. Simple endpoint protection through antivirus has become by far inadequate due to the complexity and variety of cyber threats as well as the integration of a wealth of digital technologies in business processes even of the smallest enterprises. Today, cyber-security solutions for businesses are designed to provide multilayer proactive protection, use of heuristic and threat intelligence technologies to detect unknown threats, protecting a wide range of devices (e.g. PCs, servers, mobile devices, etc.) and business practices (e.g. BYOD, remote access, use of cloud-based apps and services, etc.).

Due to this complexity, no-single security solution can practically effectively address the whole threat landscape. Threats may range from relatively harmless abusive content (such as spam messages) and other low impact opportunistic attacks, to particularly harmful such as malicious code, while they can escalate to targeted attacks (e.g. spyware, denial of service, etc.) with major operational and economic consequences for the enterprise. Top global cyber security companies such as Cisco (next generation firewalls and security software), Symantec and McAfee (endpoint protection solutions), FireEye (network security gateway and email threat prevention) and AlienVault (behavioral monitoring software and unified security management) are already offering solutions tailored to small business needs, while others, such as F-Secure and LongRythm (security intelligence and analytics platform), offer solutions (that can be) tailored for small businesses, including those without IT personnel.

Also, there are vendors offering specialized security solutions such as, NSFOCUS’s hybrid DDoS detection and mitigation (on-premises and cloud), Lookout’s mobile and app security solutions, Pertino’s secure solution for business virtualization (in the cloud) acquired recently by Cradlepoint that offers edge routing for small branch networks, Splunk’s operational intelligence platform, Balabit’s (blindspotter user behavior analytics, and log management solution). Big data analytics offer new opportunities in security management, while encryption technologies can secure valuable data and communications. Both they are increasingly used for this purpose for established companies (like the abovementioned) and dozens of security startups in Europe (e.g. Silentrcircle with its private by design smartphone, ZenMate’s applications for business, Darktrace’s enterprise immune system etc.), the USA and around the world.

FORTIKA aims to bring revolutionary innovations in the following domains:

• Move the FPGA SoC acceleration node one notch up by improving and optimizing features of the platform, which are relevant to the projects.
• Develop a complete ABAC solution powered by cloud and fog computing architectures with affordable cost for SMEs will further push the development of ABAC solutions as a means of implementing authorization, not only in corporate environments, but also in versatile ecosystems.
• Taking into account the many influencing factors of a social engineering attack, it is critical to include as many as possible of them and make inference and prediction based on a solid knowledge base. Additional works related to psychological profiles of the attackers and conversation exposure time have achieved high detection accuracy and low false positive rates. Decomposing the overall detection problem into detection of sensitive topics, attacker’s psychological profile recognition, text-classification and finally averaging the weight of different factors can lead us to efficient modeling and effective inference methods.
• Develop a proactive and dynamic risk assessment management approach, based on an innovative dynamically refined security policy that ensures effectiveness under any administrative, contextual or other change. This way, FORTIKA will provide a holistic security assurance that foresees risks and enables a proactive security management for IT responsible.
• Boost cybersecurity in detection of malware and vulnerabilities of systems, being able to detect malicious files and URLs, in batch and real-time analysis.
• Develop homomorphic building blocks that cover a sufficient number of mathematical operations and functions. This can be done by extracting the homomorphic applications from literature.
• Develop a novel algorithm to break any application into a number of pieces where each and every piece can be mapped onto the homomorphic building block residing in the cloud. This can be achieved by applying the same analogy behind the WolframAlpha platform.
• Develop a key management framework which seamlessly interconnects the clients, service providers and the cloud service providers (with homomorphic building blocks).
• Design and implement a hierarchical data abstraction, building on the existing CIDEM model and following a multi-layered approach with each layer corresponding to different levels of granularity that will be available to users according to their requests and role allowing for fast, cross-sectorial data sharing without violating IPRs.