Deadline: 9-Dec-21
The European Commission is calling for proposals for Improving Cyber Defence and Incident Management with Artificial Intelligence.
Scope
- Addressing the identified challenges will require inter- and multidisciplinary approaches, where teams conduct work of both a technical and a non-technical nature. Analysis of technical, tactical, operational, strategic and political considerations is required. On a technical level, proposals should provide proof-of-concept solutions for AI-based incident management and cyber defence, including detection, mitigation and response. Capable intrusion detection systems (IDS) could form a starting point for proposals. However, proposals must not seek to further the analysis capabilities of IDS alone, but in the context of an automated or semi-automated system for handling incidents.
- In addition to purely technical solutions, processes and actors of selected enterprises may need to be mapped, modelled and understood to ensure fit-for-purpose solutions and answer questions of a more conceptual nature. Proposals are further expected to consider the interaction between human operators, analysts and decision makers and the automated or semi-automated incident management and response system.
- A suitable methodology for building contextual understanding is expected through case studies of selected processes, incidents and cyber-attacks of selected enterprises, and case studies of successful detection approaches and resilience-oriented success stories where technical and non-technical challenges can be studied and addressed at different levels. For the development of technical proof-of-concept prototypes, an appropriate development approach, which includes user and stakeholder involvement, should be leveraged.
Objectives
- The Commission will pay particular attention to the other R&D and dual-use on-going initiatives at Union level to avoid unnecessary duplication.
- The ability to detect and respond to security incidents suffers from several challenges, including: the ever-increasing amount of data that needs to be analysed in order to detect and fully understand security incidents; the number of false alarms generated, resulting in, for instance, erroneous prioritisation and alarm fatigue amongst operators and analysts; lack of (human) resources to sufficiently analyse all potentially malicious activity; the decreasing effectiveness of traditional defence measures based on a known set of rules (e.g. a priori known signatures and/or network traffic profiles) due to the increase of encrypted network traffic and their inadequacy against advanced persistent threats and zero-day attacks (including malware that exploits unknown vulnerabilities, targeted phishing attacks, low-rate data exfiltration, abnormal user behaviour, etc.); choosing appropriate measures in response to attacks in a timely manner, when the scope is uncertain and the situation develops faster than a human being may follow without advanced decision-making support, and while the compromise potentially has extended or will extend over weeks, months or years.
- The use of Artificial Intelligence (AI) seems promising in order to address many of these challenges – and AI has recently shown great results in areas such as playing strategic games and analysing text.
- This call seeks proposals that help increase the level of automation in incident management and cyber defence activities through the use of AI. In this setting, state-of-the-art AI methods should be used to automate incident management and cyber defence activities, including incident detection and response, carried out by security operation centres (SOCs) and cyber defence teams (or similar entities) when they detect and analyse events and determine what actions to take.
Funding Information
- The Union is considering a contribution of up to EUR 13 500 000 to support proposals addressing the above-mentioned topic and its associated specific challenge, scope, targeted activities and functional requirements.
Targeted Activities
The proposals must cover the following activities as referred to in Article 10.3 of the EDF Regulation:
- Activities aiming to create, underpin and improve knowledge, products and technologies, including disruptive technologies, which can achieve significant effects in the area of defence;
- Activities aiming to increase interoperability and resilience, including secured production and exchange of data, to master critical defence technologies, to strengthen the security of supply or to enable the effective exploitation of results for defence products and technologies;
- Studies, such as feasibility studies to explore the feasibility of new or improved technologies, products, processes, services and solutions;
- Design of a defence product, tangible or intangible component or technology, as well as the definition of the technical specifications on which such design has been developed, which may include partial tests for risk reduction in an industrial or representative environment.
Eligibility Criteria
Participation of entities from other countries is subject to conditions defined to ensure the security and defence interests of the EU and its Member States. They also guarantee the freedom of action of Member States in the use and export of resulting defence equipment. More particularly:
- Entities established in the EU but controlled by entities from can participate as member of the consortium and receive funding provided security-based conditions are met.
- Entities established outside the EU can also cooperate and need to adhere to similar security-based conditions, but they cannot receive funding from the EDF.
For more information, visit https://bit.ly/3EJhHMT