Ecosystem Cyber Safety - Free - Instant - Democratic - Anonymous: Connecting and Protecting Our Extended Supply Networks from Cyber Threats: Invitation to Manufacturing SMEs & MEs -> Join Us in our Horizon Europe Innovation Action SU-DS03-2019-2020 “eGoose - Towards “Instant” Deep Diffusion of Actual and Real-Time Cyber Safety Solutions through the Complete Extended Supply Networks.

Industry Invitation to Participate in our “eGoose” Horizon Europe Innovation Action Proposal on enabling “Digital Security and Privacy for Small and Medium Enterprises (SMEs) and Micro Enterprises (MEs)” with a focus on “Instant” Deep Diffusion of Actual and Real-Time Cyber Safety Solutions through the Complete Extended Supply Networks of “Late Majority” High Value Manufacturing SMEs & MEs.

The Open European Network for Enterprise Innovation in High Value Manufacturing (ENTOV-HVM) in collaboration with the Innovation Value Institute at Maynooth University (Ireland) hereby invites Manufacturing SMEs / MEs to participate in our upcoming proposal to develop and implement an innovative Cyber Safety solution that will diffuse “instantly” through their complete extended supply networks. Proposal submission will be by August 27th, 2020. The proposal will apply for three year and €4M funding. For more details see our initial presentation HERE  and the call details HERE.

** 4 July 2020 - Updated Presentation HERE **

ENTOV-HVM aims at strengthening Europe's innovation capacity and at fostering innovation in higher education, business and the broader socio-economic environment of the European Union by identifying, developing, and sustainably implementing measures to disruptively accelerate the value creation of innovative ideas in high value manufacturing from inception to late adopters and laggards in markets at individual, organizational and systemic levels.

The Innovation Value Institute at Maynooth University (Ireland) is a globally leading research institute on technology adoption and diffusion with a dedicated group focused on Cyber Safety and relevant effectiveness frameworks.

The following definitions apply:

• Micro: Enterprises which employ fewer than 10 persons and whose annual turnover and/or annual balance sheet total does not exceed EUR 2 million.
• Small: Enterprises which employ fewer than 50 persons and whose annual turnover and/or annual balance sheet total does not exceed EUR 10 million, excluding enterprises that qualify as micro-enterprises.
• Medium-sized: enterprises which employ fewer than 250 persons and which have an annual turnover not exceeding EUR 50 million, and/or an annual balance sheet total not exceeding EUR 43 million, excluding enterprises that qualify as micro-enterprises and small enterprises.

Organizations not meeting the above criteria (i.e. being of industrial size or acting as associations or intermediaries or solution providers) are also welcome to apply for joining the proposal, although they will become unfunded project associates, while benefitting from the intangible and tangible benefits of the project itself.

The challenge posed is sub-topic b of the call “Small and Medium-sized Enterprises and Micro Enterprises (SMEs & MEs): Defenders of Security, Privacy and Personal Data Protection“ and specifies: Most SMEs & MEs lack sufficient awareness and can only allocate limited resources - both technical and human - to counter cyber risks, hence they are an easier target (e.g. of ransomware attacks) compared to large organizations. Security professionals and experts working for SME s & MEs need to be in a constant learning process since cybersecurity is a significantly complex and fast-evolving field. Taking into account the significant economic role of SMEs & MEs in the EU, tailored research to innovation should support cybersecurity for SMEs & MEs.”

The proposal is focused on the “late majority” of any user group. Late majority adopters are in general not particularly interested in change and usually only adopt innovations, if there is a strong feeling that they must be part of mainstream changes. Late majority adopters represent ~34% of the total potential user group. Laggard adopters require significant evidence of change benefits while then adopting these extremely cautiously. Late majority adopters stand in contrast to (a) Innovators who are eager users, who enjoy experimentation and often collaborate with inventors. Innovators represent ~2% of the total potential user group, (b) Early adopter users who are typically (in-) formal opinion leaders that act as influencers sharing success stories of using the products. They are less interested in experimentation than innovators and are usually seeking improvements and efficiency. As with innovators, engagement requires little effort since they are open to change. Early adopters represent ~14% of the total potential user group, (c) Early majority adopters who are true followers open to change through innovation but require a sense of assurance through earlier adopter user peers. Early majority adopters represent ~34% of the total market share, and (d) Laggard adopters who require significant evidence of change benefits while then adopting these extremely cautiously. Laggard adopters represent ~16% of the total potential user group.

The Innovation Action builds on existing technical solution frameworks (i.e. the German open source Corona warning app), refocuses these on Cyber Safety and, most importantly, brings the solution to life (“living and breathing”) based on advanced research and practice in social engineering for ecosystem orchestration. Intangible and tangible outcomes will be generated:

• The aspired intangible outcome is the voluntary capture of information regarding actual and anticipated Cyber Safety compromises within the extended supply networks of SMEs & MEs, the automatic and instant relevant notification of other network members, and the action of notified members to mitigate the threat informed of through collaboration with relevant trusted experts from business and research who volunteer their capabilities. The key innovative contribution is the social engineering needed to drive high degrees of participation through the science of living systems and ecosystems, and which will be based on leading principles of game design and “viral” information dissemination techniques.
• The aspired tangible outcome will be a voluntarily self-registering, free, decentralized, open source “app”, enabling and accelerating the real time diffusion of Cyber Safety Solutions related to Security, Privacy and Personal Data Protection to Late Majority adopters, in and across SMEs & MEs in the core expertise area of the proposal consortium which is High Value Manufacturing ecosystems, for continuously increasing / maintaining Cyber Effectiveness. 

The app thus autonomously orchestrates a self-organizing opt-in/-out Cyber Safety Ecosystem protecting existing (and future) extended supply network partners from actual and anticipated incidents based on evolving best practice, motivates ecosystem collaboration, and improves its orchestration capability based on Living Systems Theory, System Dynamics Modeling and Artificial Intelligence.

Simply put, the app will enable the emergence of instant trustful collaboration in the notification of incidents and anticipative responses for cyber safety matters within ecosystems based upon principles of a distributed Corona Warning App, existing solutions (i.e. Kaspersky Total Security, McAfee Total Protection or Norton 360), and advanced cyber threat detection and forecasting approaches typically only available to large organizations. The proposal will integrate the “best of” technology solutions and the social engineering needed to bring these to life for especially “late majority” ecosystem participants within the relevant self-organizing “unified contact center”.

The proposed solution will apply the Maynooth Cyber Safety Effectiveness Framework to accelerate the increase in Cyber Safety maturity of especially “late majority” participants of the extended supply networks of SMEs and MEs by democratizing access to and triggering use of tools and solutions of varied sophistication level, to enable them to rapidly benefit from innovative targeted solutions addressing their specific needs and available resources (currently reserved to larger organizations, due to their cost and availability of internal expertise). Furthermore, the proposal will develop targeted, user-friendly and cost-effective solutions enabling the participants to:

• dynamically monitor, forecast and assess their security, privacy and personal data protection risks,
• become more aware of vulnerabilities, attacks and risks that influence their business,
• manage and forecast their security, privacy and personal data protection risks in an easy and affordable way, and
• build on-line collaboration between them, thus enabling them to report any (anticipated) incident and trigger suitable treatment activities.

Business participants will receive deep insights into how cyber safety solutions are currently deployed effectively across ecosystems by their peers and receive early access to the solution as it develops. Business participants will be expected to contribute case studies, validate research findings and host at least one workshop in their spaces each year of the project. They will furthermore be expected to pilot the developing solution in their own supply chains. Piloting involves mapping their supply network partners, supporting the distributing of the solution among their supply network partners, regularly (re-) assessing the Cyber Safety effectiveness of their supply network, helping to coordinate use case simulations, and committing to pro-active use of the solution at least during the implementation and validation period of the project. Business sponsors are expected to be CISOs (where present), business owners and senior business leadership as relevant. Business participants are not required to contribute funding, nor will they receive funding. The minimum effort involved is expected to be 80 work hours for each year of the project at minimum. A Letter of Intent confirming participation and resource allocation will be required. Business participants may also join after formal start of the project subject to project budget and resource availability.

Further proposal participants from higher education and research currently are: VTT (Finland), UniSmart (Italy), Technical University of Berlin (Germany), University of Lisbon (Portugal), Riga Technical University (Latvia), Vidzeme University (Latvia) and Tuke University (Slovakia). The list of business and intermediary participants is growing and will be released in due time.

We look forward to hearing from you.

Dr. Oliver Schwabe, Principal Web Weaver ENTOV-HVM

P.S. If you are interested in learning more please visit us at www.innovation-web.eu, our LinkedIn Group at https://www.linkedin.com/groups/8779542/, our blog at https://www.innovation-web.eu/entov-hvm-blog, our Researchgate project page at https://www.researchgate.net/project/Open-European-Network-for-Enterprise-Innovation-in-High-Value-Manufacturing-ENTOV-HVM, our Sourceforge page at https://sourceforge.net/projects/entov-hvm/  and our Facebook page at https://www.facebook.com/groups/2014779865300180/. You can also follow us via Twitter: @owschwabe (#innovationweb) and the LinkedIn Group page https://www.linkedin.com/company/entov.