In this Deliverable we present an overview of the CS-AWARE project. It is conceived as a potential book publication, written for stakeholders in public administrations and professional companies, and it comprises 6 chapters. In Chapter 1, we provide an introduction to the current cybersecurity landscape, both in a global sense and mapped to the specific requirements of LPAs. We identify a gap in the current state-of-the-art with respect to awareness and collaboration to improve cybersecurity in LPAs – and its relation to the current European cybersecurity framework – and we outline the requirements for closing that gap. The chapter is concluded by pinpointing how CS-AWARE addresses those requirements and giving an outlook on how the following chapters detail the respective solutions. In Chapter 2, we explore the background of the approach to systems and dependency analysis (SDA) that we used for the two pilot cities. Beginning with an overview of the inception and development of the current understanding of the importance and significance of the nature of socio-technical systems, we then describe the approach we took to conduct the SDA’s in the pilot cities and describe the results that we obtained. We conclude with a review and discussion of our overwhelmingly positive experience of using SSM in a cybersecurity setting. In Chapter 3, we focus on the technological aspects of the implementation of the CS-AWARE solution, which aims at supporting system administrators with cybersecurity awareness about the information system they are in charge of, by analysing the information found in the log files of their most critical systems and visualising the results in an appropriate manner. In this way, system administrators are quickly informed whether there are indications of suspicious activity occurring in their systems and they also receive recommendations or suggested actions to take for specific instances of the aforementioned issues. Furthermore, by collecting and analysing publicly available cyberthreat intelligence, the CS-AWARE system is able to deduce whether there are cyberthreats in the wild that could harm a specific information system it monitors and issue the necessary warnings accordingly. In Chapter 4, we present the viewpoint of the users of the CS-AWARE technology, the pilot municipalities of Rome and Larissa. Users address their motivations, their objectives, and their expectations for the CS-AWARE system. Crucially, we present the main impacts of their participation in this project: increased reflection, increased understanding of their own context and system, increased teambuilding and collaboration, and collaboration with academy. In Chapter 5, we discuss the complexity of marketing CS-AWARE to the public sector. CS-AWARE is not a concrete product to sell, as in: here it is, there you have it. It is explained that the public sector is complicated, and heterogeneous in many aspects: size, policies, degree of autonomy and cooperation. Policy agents in smaller municipalities often lack the relevant knowledge, lack sufficient funding, and often have no explicit policy. For our context, we should link to the needs and expectations of potential customers. This asks for building good relationships and credibility. Various tactics for building up understanding and rapport are presented, including educational ones. Finally, in Chapter 6, we summarise the outcomes of the CS-AWARE intervention in two municipalities. Because we collected their feedback during most of the design and implementation processes, users are strongly involved and have a sense of ownership. We discuss the ‘awareness’ concept in some detail, to conclude that many aspects of awareness have been evolving in a positive direction. We end the chapter with a short discussion of two domains for which our approach to cybersecurity awareness could also make a positive contribution.

View PDF