First Open Pilots Workshop: Post-event report



The first Open Pilots Workshop took place in Pisa on November 5 and attracted representatives from 12 organisations interested in testing the platform and presenting their individual training requirements to the expert panel comprising both project partners and invited guests from the four European Competence Centre Pilot Projects.


Podium Presentations

First on the agenda were two podium presentations, one from Gianluca Dini of the University of Pisa on the topic Cybersecurity and skills gap in Europe: Facts & figures, and the other from Gonçalo Santos Martins of Energias de Portugal, entitled Filling the cybersecurity skills gap: Why training matters for your business.

In company with Ferrovie dello Stato Italiane, both UniPi and EDI are full-scale pilot sites for the project. Together, these three large organisations provide investigators with access to a broad range of users facing a variety of threats across a multi-faceted technology landscape. The purpose of the open pilots is to further enrich the investigators’ purview as the platform continues to take shape over the course of the project.


Presentations from the European Competence Centre Pilot Projects

An important aspect of the workshop was the presence of representatives from the European Competence Centre Pilot Projects, recently established with EU funding to prepare the European Cybersecurity Competence Network. In a panel session during the second half of the morning, workshops delegates were introduced to each of the four projects - CONCORDIA, Cybersec4Europe, ECHO ,and SPARTA – and to their individual and shared goals and objectives. The session was moderated by coordinator Nicholas Ferguson of Trust-IT Services and attracted a lively discussion from the floor.

A brief summary of the presentations and discussions follows.

CONCORDIA (Cyber security cOmpeteNCe fOr Research anD InnovAtion)

Speaker Claudio Agostino Ardagna from the Università degli Studi di Milano defined the objective of the 55 CONCORDIA project partners as being to develop a Europe-wide educational ecosystem for cybersecurity by identifying and mapping leading research, technology, industrial and public competences already being used in cybersecurity education, and also by developing further, next generation solutions using AGILE methodologies. In boosting cybersecurity competencies, he said, CONCORDIA aimed to strengthen European industrial competitiveness and enhance economic growth.

Cybersec4Europe (Cybersecurity for Europe)

Speaker David Goodman of Cybersec4Europe project partner organisation Trust in Digital Life, Belgium explained that the goal of the predominantly research-based Cybersec4Europe consortium is to develop a cybersecurity skills framework model for both education providers and employers. He said the partners would work across four different but inter-related areas with a strong focus on openness and citizen-centricity in order to ensure the adequacy and availability of cybersecurity education and training as well as common open standards. In the process they will design, test and demonstrate potential governance structures for the network of competence centres, develop software recommendations, and build communities.

ECHO (European network of Cybersecurity centres and competence Hub for innovation and Operations)

Speaker Matteo Merialdo of RHEA, Belgium, the coordination partner for ECHO, said that creating a federated cyber range and an early warning system were key areas of focus within the ECHO project. Highlighting the multi-sector approach which distinguishes ECHO, he explained that multiple cyber ranges would be leveraged by the creation of a shared marketplace where content providers can upload contents/scenarios for general use, thus widening the pool of scenarios available to single organisations. He also clarified that the ECHO Early Warning System will be an operations support tool enabling members to coordinate and share incident reports and other cybersecurity-relevant information in near-real-time

SPARTA (Strategic Programs for Advanced Research and Technology in Europe)

Speaker Fabio Martinelli of CNR, Italy characterised the main purpose of SPARTA as being to contribute to European strategic autonomy in cybersecurity. As such, he said, SPARTA will design a long-term roadmap for building competence centre networks using a community-based approach to map local training, certification and industry networks with a view to standardisation.


Introducing the Open Pilots

Each of the open pilot candidates was given the opportunity to take the podium and describe their organisation and the particular cybersecurity training needs that had brought them to the event in search of assistance. Demonstration and Interactive Session

In the final session before lunch, delegates were introduced to the main elements of the platform via a demonstration and walk through of the Workspace. The learning path was also presented alongside the advanced tools which are incorporated in the platform, and the cyber range itself.

This session was presided over by project partners Niccolò Zazzeri, Trust-IT, Italy, Anže Žitnik, XLAB, Slovenia; Gencer Erdogan, SINTEF, Norway, and Matteo Merialdo, RHEA, Belgium, and was followed by a working lunch during which delegates were able to test the platform in person.

A brief summary of the presentation follows.

  • Learning path
    Designed in line with ISO 27005 requirements, the learning path offers both theoretical and experiential material and is spread over the four levels Primer, Basic, Intermediate, and Advanced. Each level builds on the preceding one so that together they encompass the full knowledge landscape. This arrangement offers learners complete flexibility to slot in at their individual level of need, allowing for a high degree of customisation.
    In increasing order of complexity, the learning phases are: Cybersecurity and risk awareness; context establishment, Cyber risk assessment; Cyber risk treatment and cost/benefit analysis.
  • Technical assets and tools
    To serve the requirements of each phase, specific technical assets and tools are being developed within the project. These are detailed within the presentation and include amongst others a graphical dashboard for scenario design and configuration, a digital library, an economic risk evaluator with appropriate risk models, attack and countermeasures simulators, an anomaly detection reasoner, and vulnerability assessment tools.


The Open Pilot Opportunity

In bringing the full-day event to a close, Antonio Alvarez Romero from coordination partner ATOS, Spain, gave a presentation entitled Building the cybersecurity workforce of tomorrow -Implement your own Open Pilot with in which he described the open pilot opportunity and the procedure to be followed by candidate organisations. A brief summary of the presentation follows.

  • The open pilot concept enables organisations to test the platform at no cost for a three-to-six-month period via training customised to their specific requirements. Organisations accepted for the first tranche will commence training some time between December 2019 and March 2020.
  • To enrol, candidate organisations must specify their requirements using the appropriate form, and identify the trainees to be included in the pilot so it can be planned and then scheduled.
  • After completion of the training, advanced users will be inserted in the Cybersecurity Professional Register (CyPR) which is currently under development.


Workshop Outcomes

The day was an undisputed success, not least because all the candidate organisations present signed up as pilot users and arrangements are already underway to table their requirements and schedule the training.

In addition, video interviews conducted during the day with both speakers and delegates attest to their having found the workshop educational and useful. The following are some examples:

Hani Banayoti, Director at CyberSolace, UK

“This workshop has been valuable in investigating and exploring new tools that would help companies exercise and rehearse the cyber threats they may be facing. The workshop has been a really interesting collaboration across the teams and participants, including the discussions on developing the tool and its value for diverse organisations, including governments and at the micro level. Our company has come away with a rich experience on this flexible and versatile tool for customers to tackle their cyber threats.

Calisto Calisti, CIO and CISO at Ingegneria Dei Sistemi SpA

“The workshop has been very important and interesting for sharing information on training requirements and the cyber range platform. This gives a new opportunity to combat new threats on information security.”

David Goodman - Trust in Digital Life, Belgium and Cybersec4Europe

“It has been really important to come to the Open Pilot Workshop from a Cybersec4Europe perspective. I've discovered that there are a lot of synergies for training, education, skills and awareness, as well as for reaching out to SMEs and citizens in particular. It will be vital to leverage all this work aimed towards creating greater awareness. We look forward to the coming months and years to drive the synergies that exist between us and

”One of the other benefits of this workshop is the panel with the other competence network pilots: Cybersec4Europe, SPARTA, ECHO and CONCORDIA in the context of and giving us a platform to set out our plans for work togethering and finding the right partners within the four networks.”

Matteo Merialdo, Manager, Security R&D Projects at RHEA and representing ECHO

“From an ECHO perspective, we have particularly appreciated the workshop discussions as an opportunity to take forward a liaison with as complementary Horizon 2020 project on cyber ranges.”

Nicholas Ferguson, Trust-IT and Coordinator

“The workshop was an excellent opportunity to get first-hand feedback from SMEs and academia on cybersecurity skills. It was also an important opportunity to bring together the four competence pilots, understand how they aim to create better facilities and competences across Europe and how other EU initiatives, like and, can contribute to a building strong cybersecurity in the European Union.”                                                                    

To request an Open Pilot consultation for your organisation, click here.                                                               






WISER on International Federation for Information Processing - IFIP

Cyberwiser: Real-time, risk management-based solutions to democratise cybersecurity

Authors: Antonio Alvarez Romero (ATOS), Atle Refsdal, Gencer Erdogan (SINTEF), Paolo Lombardi (TRUST-IT), Anže Žitnik, Aleš Černivec (XLAB), Roberto J. Mannella (REXEL)

Abstract: Given the strong threats and available solutions, WISER ( comes at the right time to address the cyber resilience issue, by putting in place precisely what is required: A portfolio of services aimed at assessing and monitoring cyber risks faced by organisations. The communication style chosen by WISER is direct and aimed to the apical positions of any organisation, helping them to interpret each scenario and supporting them in the decision-making process to mitigate exposure to cyber risks. WISER delivers an agile and easy-to-implement risk management methodology, without the need for six-figure security budgets, complex and time-consuming procedures, or dedicated teams of external consultants.

The article will soon be published on Springer Verlag

WISER at Cloudscape 2016 - Position Paper

How WISER is paving the ground for cyber security challenges in the Digital Single Market

Authors: Elena González (ATOS), Antonio Álvarez (ATOS), Aljosa Pasic (ATOS)

Focus: Started in June 2015, the WISER H2020 Innovation Action will deliver, in late 2017, a cyber-risk management framework that dynamically assesses the cyber risk to which the client ICT infrastructure is exposed. This is done by continuously monitoring the risk associated to the cyber-climate of its ICT operational environment. It considers not only the technical side of cyber risk but also incorporates the business side, including socio-economic impact assessment.

PDF icon Cloudscape2016_position paper_WISER.pdf

WISER at Cloudscape Brazil 2016 - Position Paper

How WISER project is preparing the ground for cyber security challenges in the Digital Single Market

Authors: Elena González (ATOS), Antonio Álvarez (ATOS), Aljosa Pasic (ATOS)

Focus: The Horizon 2020 WISER project will deliver, in late 2017, a cyber risk management framework that dynamically assesses the cyber risk to which the client ICT infrastructure is exposed. This is done by continuously monitoring the risk associated to the cyber-climate of its ICT operational environment. It encompasses not only the technical side of cyber risk but also incorporates the business side, including socio-economic impact assessment. WISER builds on current state of the art methodologies and tools, leveraging best practices from multiple industries.

PDF icon WISER_Cloudscape Brazil 2016_0.pdf

WISER on ERCIM News 106

WISER delivers a cyber-risk management framework to assess, monitor and suggest mitigation options for cyber risks in real time, while incorporating socio-economic impact aspects, building on current state of the art methodologies and tools, and leveraging best practices from multiple industries and international initiatives. The WISER framework features cyber-risk modelling techniques and monitoring tools that observe the state of ICT infrastructure and services in an organisation. These provide the information necessary to evaluate risk levels and drive decision support tools to recommend effective mitigation options based on cost-benefit analysis of the risk impact. The aim of WISER is to increase cyber risk awareness as well as make cybersecurity understandable to management personnel and facilitate their decisions about risk management and inclusion of cybersecurity systems.

PDF icon Ercim_News_Issue_106_Web.pdf

WISER on European CIIP Newsletter

Cyber-attacks are becoming a clear obstacle for European economies to strive. It is decreasing trust of the users and slowing down the growth of the Digital Single Market. Damage is not only economical, but also has high societal impact, since attacking sensitive information and critical infrastructures that provide essential services for society that, in the most dramatic case, may lead to loss of human lives.


PDF icon European_CIIP_Newsletter_Vol_10_No_1__23.pdf