CY-TRUST introduces a federated framework for deploying sectorial Security Operations Centers (SOCs) to enhance national and EU-level cybersecurity resilience. Focused on Cyprus’s critical sectors energy, maritime, government, and SMEs, the architecture supports scalable, standards-based implementations aligned with NIS2 and the Cyber Resilience Act. Each sectorial SOC integrates AI-driven situational awareness, incident response playbooks, and structured Cyber Threat Intelligence (CTI) sharing via Structured Threat Information Expression (STIX). It also integrates Trusted Automated Ex-change of Intelligence Information (TAXII), and the Malware Information Sharing Platform (MISP). A multi domain ICT/Maritime/Industrial cyber range, Cyber Threat Realm (CTR), ensures continuous training and preparedness. Three SOC deployment variants accommodate varying stakeholder maturity, coordinated through a national backend operated by the Digital Security Authority. CY-TRUST aligns with EU initiatives such as JCOP, NG-SOC, and PHOENi2X, and provides a replicable blueprint for federated SOC ecosystems. This paper presents the architecture and implementation approach of CY-TRUST, demonstrating its value as a strategic model for adaptive and collaborative cyber defense.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

CY-TRUST: A Sectorial SOC Framework for Enhanced National and Cross-Border Cybersecurity Resilience

  • Adamantini Peratikou,
  • Evagoras Charalambous,
  • Eliana Stavrou,
  • Panayiota Smyrli,
  • George Hadjichristophi,
  • Stavros Stavrou

摘要

CY-TRUST introduces a federated framework for deploying sectorial Security Operations Centers (SOCs) to enhance national and EU-level cybersecurity resilience. Focused on Cyprus’s critical sectors energy, maritime, government, and SMEs, the architecture supports scalable, standards-based implementations aligned with NIS2 and the Cyber Resilience Act. Each sectorial SOC integrates AI-driven situational awareness, incident response playbooks, and structured Cyber Threat Intelligence (CTI) sharing via Structured Threat Information Expression (STIX). It also integrates Trusted Automated Ex-change of Intelligence Information (TAXII), and the Malware Information Sharing Platform (MISP). A multi domain ICT/Maritime/Industrial cyber range, Cyber Threat Realm (CTR), ensures continuous training and preparedness. Three SOC deployment variants accommodate varying stakeholder maturity, coordinated through a national backend operated by the Digital Security Authority. CY-TRUST aligns with EU initiatives such as JCOP, NG-SOC, and PHOENi2X, and provides a replicable blueprint for federated SOC ecosystems. This paper presents the architecture and implementation approach of CY-TRUST, demonstrating its value as a strategic model for adaptive and collaborative cyber defense.