CY-TRUST: A Sectorial SOC Framework for Enhanced National and Cross-Border Cybersecurity Resilience
摘要
CY-TRUST introduces a federated framework for deploying sectorial Security Operations Centers (SOCs) to enhance national and EU-level cybersecurity resilience. Focused on Cyprus’s critical sectors energy, maritime, government, and SMEs, the architecture supports scalable, standards-based implementations aligned with NIS2 and the Cyber Resilience Act. Each sectorial SOC integrates AI-driven situational awareness, incident response playbooks, and structured Cyber Threat Intelligence (CTI) sharing via Structured Threat Information Expression (STIX). It also integrates Trusted Automated Ex-change of Intelligence Information (TAXII), and the Malware Information Sharing Platform (MISP). A multi domain ICT/Maritime/Industrial cyber range, Cyber Threat Realm (CTR), ensures continuous training and preparedness. Three SOC deployment variants accommodate varying stakeholder maturity, coordinated through a national backend operated by the Digital Security Authority. CY-TRUST aligns with EU initiatives such as JCOP, NG-SOC, and PHOENi2X, and provides a replicable blueprint for federated SOC ecosystems. This paper presents the architecture and implementation approach of CY-TRUST, demonstrating its value as a strategic model for adaptive and collaborative cyber defense.