Collaborative Fleet

Started in December 2020

The goal of the Collaborative Fleet project is to use deception technology to generate, share, and consume threat intelligence (TI) related to cyber-attacks carried out against Dutch Financial organizations.

https://pcsi.nl/uploads/projects/collaborative-fleet-1920px.jpg

The envisioned solution helps resolving key issues of the current cybersecurity domain leveraging on proactive and offensive security to be one step ahead of the attackers, while generating actionable TI that not available on the market at the same time. The new TI is then shared across all PCSI core partners. 

Project results

Deception is a complex topic. During the Explore phase the project team looked at several different aspects of deception and tried to answer several questions: Which attackers are the most interesting ones based on missing TI information? How would those attackers commence an initial intrusion? How can one convince those attackers them that an environment is realistic enough, such that they will reveal their TTPs and modus operandi? 

During the explore phase and the first part of the Proof-of-Concept phase the project conducted a thorough market scan aimed at finding a commercial supplier for the creation of a joint research deception platform. 

In the second part of the Proof-of-Concept phase we gained hands-on practical experience with deception technology through the research platform deployed by the vendor. In a number of iterative red-team exercises the project team will learn and understand the best ways to fine-tune the deception environment and how to make the environment realistic enough for an attacker to reveal their TTPs. 

In the pilot phase, real world data relevant to Dutch Financial Organizations, and which cannot be obtained from existing TI feeds, will be collected. 

In the exploit phase our innovative technical idea will be worked out into a real-world product, together with a complete business model canvas and a full-fledged business case. 

This project is part of the trend

21 Opportunity June 2023

Transition to predictive technologies

In the past, security defences were built around preventive measures. This was complemented with monitoring & response, to be able to detect attacks that circumvented preventive measures. But the gap between attackers' odds and defenders' strategy is still growing. That is why we also have to make use of predictive technologies (based on deep or reinforcement learning algorithms) to be able to better prepare for sophisticated attacks, and to support predictive or 'smart' decision making in cybersecurity or proactive risk management regarding cyberthreats.
Beeldmerk PCSI
PCSI is a collaboration of
    ABN-AMRO Achmea ASML Belastingdienst ING TNO Volksbank
This project is co-funded by Holland High Tech with a PPP Grant for Research and Innovation in Top Sector HTSM ® 2022 Partnership for Cyber Security Innovation