AI-led Cyber Threat Intelligence (CTI) for Security Operations Centers and National Cyber Security
The project is funded by the European Union under the Digital Europe Programme (GA No 101190156 — CTI-AI — DIGITAL-ECCC-2024-DEPLOY-CYBER-06)
DESCRIPTION OF ASSUMPTIONS:
CTI-AI will optimize the scalability of cybersecurity resources and advance the maturity of SOC and CTI operations through AI-enhanced technologies and methodologies. This initiative contributes to the AI transition of (National) SOCs, safeguarding critical infrastructures and bolstering national security frameworks. Spearheaded by the expertise and experience of Łukasiewicz EMAG, EclecticIQ and NRD Cyber Security, the consortium is equipped to tackle these challenges. Directed by an End User Advisory Board that includes members from the national cybersecurity centers of Lithuania and Iceland and other customers of consortium members, CTI-AI caters to a broad spectrum of users across the EU, focusing on national security, defense, and critical infrastructure. The project’s approach incorporates developing an AI-enhanced Threat Intelligence Platform, free-to-use AI tooling and best practices, underpinned by a mature project and governance structure. Through these efforts, CTI-AI aims to drive forward the strategic goals of enhancing digital security and resilience across the European Union.
MAIN TASK:
The CTI-AI project leapfrogs CTI capabilities to improve cyber incident analysis and threat detection for SOCs by significantly improving the scalability of analyst resources and the maturity of intelligence analysis and sharing for national SOCs/NCSCs (National Cyber Security Centers) and the wider European industry and government. In short, the aim is to “do (much) more with less” by adding AI enhancements to tools in support of the entire Cyber Threat Intelligence lifecycle.
This scalability and efficiency are required for national cybersecurity bodies and diverse SOCs to strengthen their capabilities to analyze, detect and prevent evolving cyber threats and incidents. They are also needed to address the broadening critical infrastructure definition in the Network Information Security Directive 2 (NIS2), which requires national and sectorial SOCs and CERTs to significantly expand their central role as a hub for intelligence sharing and for the coordination of security operations and response.
The CTI-AI project unlocks more proactive and efficient use of Cyber Threat Intelligence (CTI) for Security Operations and Response (SOC) operations, resulting in novel threat insights and mechanisms for detecting them, and reducing the window of opportunity for emerging threats and vulnerabilities by enhancing speed of response. By improving the automation of intelligence dissemination and sharing with AI, we improve the scalability and effectiveness of CTI sharing and collaboration and accelerate the adoption of EU regulations and policies. This includes improving the personalization of intelligence feeds and the ability to provide more tailored feeds for and from Europe and European entities.
CTI-AI combines effort and outcomes for vendor (industry), national SOC/NCSC (customer/market), consulting (industry) and research (university) by applying emerging research and delivering market-tested and proven solutions, validated by customers and with proven ability to implement and add value. Deliverables are made widely available to government and industry by publishing best practices and tooling and by offering commercial solutions on terms favourable to government SOC/CTI. CTI-AI delivers technology products, applied research tools and best practice guidance, from leaders in their field in Europe for the European ecosystem.
PROJECT PARTNERS:
Łukasiewicz Research Network – Institute of Innovative Technologies EMAG (Łukasiewicz-EMAG), Poland – project coordinator
EclecticIQ, Netherlands (EIQ)
NRD Cyber Security, Lithuania (NRD)
PROJECT BUDGET: The total eligible costs are €5,048,99.37, of which the grant is €2,524,499.00. The total value of the project for Łukasiewicz – EMAG is €2,402,150.00, of which the grant is 50%.