iSOCaaS will focus on the delivery of intelligent, managed Security Operation Centre services (i.e., providing intelligent SOC as a Service) tailored to the needs of sectorial, National & cross-border European Cyber Resilience.
Building on established commercial offerings and successful relevant EU-funded projects already under way, iSOCaaS will holistically integrate capacities for AI-assisted shared situational awareness, coordinated incident response & joint preparedness at the sectorial, national & cross-border level.
Approach
The iSOCaaS conceptual architecture comprises two main groups of components:
Core Security Operations Enablers
Holistically covering the core capabilities of the SOC, forming the “Baseline SOC Services Tier” of iSOCaaS, to be offered to service consumers without previous (or as mature & comprehensive) SOC capacities.
Intelligent SOC Enablers
Leveraging AI to enhance core capacities with Beyond SoTA capabilities not offered by “traditional” approaches, forming the “Intelligent SOC Services Tier” of iSOCaaS, suitable for both consumers of (1) and end users with mature SOC capacity lacking AI-enabled features.
Operational Impact
iSOCaaS will be operationally validated at the sectorial level (covering 62 entities of essential and important sectors and SMEs in Greece), national level (involving the authorities entrusted with the cybersecurity of Greece; i.e., NCSA, the National Competent Authority, and HMOD, which operates the National CSIRT), and at the cross-border level (leveraging the involvement of said National Authorities in the creation of the ATHENA Cross-border SOC).
Furthermore, the provision and assessment of cybersecurity insurance schemes tied to the offering of the iSOCaaS service will also be included.
The above will ensure a holistic assessment of iSOCaaS and the impact of AI-enhanced SOC services in promoting European Cyber Resilience.
Policy Alignment
Overall, iSOCaaS aims to provide SOC services aligned with the EU’s cybersecurity landscape, such as the EU Cyber Security Strategy, key EU cybersecurity actors (e.g., ENISA, CSIRTs network, CERT-EU, Europol, Information Sharing and Analysis Centres – ISACs), and relevant initiatives (e.g., CyCLONe).
Eventually, through iSOCaaS, a reference intelligent SOC as a Service will be established, assisting European entities – including OES & their supply chains: to achieve cybersecurity & resilience and, by extension, enhance the EU Member States’ capacity for supervising their critical sectors, facilitating compliance with the current and upcoming requirements and initiatives (e.g., NIS/NIS2, CRA, JCU), also supporting the National cybersecurity capacity for cross-border collaboration & coordination at the European level.
Key Impact Metrics
- 62 pilot users onboarded for 12 months
- 50+ incident response playbooks delivered
- 50+ CTI sources integrated
- 12-month cybersecurity insurance contracts offered