Successful demonstration system for automated cyber security in healthcare
Cyber security is becoming so complex due to increasingly sophisticated attacks that we need to move towards automated and autonomous systems to keep up with them. Machines will then largely take over human tasks. TNO, together with industry partners, has succeeded in building a system that can automatically repel cyber threats. This is an important milestone in the development of automated cyber security.
Working prototype
A working prototype of the system was recently demonstrated under realistic conditions in an emulated hospital environment, together with the Netherlands Cancer Institute (NKI). The prototype was created through TNO’s collaboration with KPN, US software giant VMware, and Dutch company BiZZdesign. It closes the circle of early threat detection, analysis of effective measures, and automatic response.
Ultra-rapid evolution of cyber attacks
The ultra-rapid evolution of sophisticated and automated cyber attacks makes it increasingly challenging for defenders to keep pace with attackers. Traditional methods of human intervention are no longer fit for purpose.
Vital importance
Established in 2020, the Automated Security Operations (ASOP) consortium, which brings together public authorities, science, and industry, aims to further develop the prototype into an interoperable platform that can also automatically fend off cyber threats and attacks in more complex live environments.
It will enable companies and organisations in the Netherlands to further automate their cyber security operations. The availability of this technology is vital to protect the Dutch digital economy and infrastructure in the rapidly changing cyber landscape.
"The amount of digital infrastructure we continuously depend on is increasing and the threats on our infrastructure are growing along with it. Smart and innovative solutions are needed to keep the controls on our infrastructure in our hands and resist the threats at the same pace. ASOP is an initiative to learn and discover how digital security can be addressed from innovations that are immediately applicable."
Automatic response
The prototype should result in a platform that automatically responds to both ongoing cyber attacks and newly available intelligence on threats. In both cases, the platform will automatically determine the best possible response based on an analysis of the monitored data streams. As a result, the threat will be repelled without sacrificing business continuity.
Versatile platform
Based on the working prototype, the ASOP platform will be further refined to integrate even better with existing environments where security solutions and modules from different suppliers are present. This makes the platform highly versatile, so that it is able to tackle – live – a wide range of digital threats.
In the ASOP programme, TNO is focusing structurally on Automated Security solutions to make this platform operational in sectors such as government and hospitals, in order to share and receive targeted threat information from sectoral and national Computer Emergency Response Teams such as Z-CERT.
Automated Security solutions
ASOP develops Automated Security solutions via the Next Generation Security Platform and Development, Test & Deployment Hub. This keeps us digitally resilient now and in the future.