This year’s CyberCall is looking for solutions in the following (but not limited to) areas:
Cybersecurity for Artificial intelligence (AI)
Safeguarding AI systems and the data they process from various cyber adversarial attacks in order to maintain the integrity, confidentiality, trustworthiness and reliability of AI applications in an increasingly connected and digital world.
AI for cybersecurity
Harnessing the power of AI to strengthen cyber defences, improve threat detection, and respond more effectively to the evolving and sophisticated nature of cyber threats, thereby helping organisations protect their systems, data and networks from cyber attacks.
Quantum Safe
Protecting critical digital systems, data, and infrastructure from the potential threat of Cryptographically Relevant Quantum Computers by transitioning to quantum-resistant solutions and enabling cryptographic agility and defense-in-depth.
Operational Technology (OT) / Internet of Things (IoT) security
Safeguarding critical infrastructure, Industrial Control Systems (ICS) and internet-connected devices from cyber threats and vulnerabilities.
Cloud security
Safeguarding data, applications, resources and infrastructure hosted in cloud environments, while maintaining the confidentiality, integrity and availability of resources in the cloud.
Privacy-Enhancing Technologies (PET)
Safeguarding the privacy of individuals and confidentiality of their data while using systems and digital services, thereby empowering individuals to manage their data securely and complying with privacy regulations.
For a start, CSA has put together a list of end-users who are looking for solutions in some of the areas mentioned above.
CS01: Trusted Collaboration partner Assurance Platform
Develop a platform/service that provides assurance of the security posture of the connected systems from partners/vendors…..
Cybersecurity Challenge
2024 Statements
CS01: Trusted Collaboration Partner Assurance Platform
Challenge
Develop a platform/service that provides assurance of the security posture of the connected systems from partners/vendors. Some expected capabilities are automatically monitor and update of possible incidents in partners/vendors systems, provide secure channels for info exchange and collaboration, and facilitate the identification and remediation of the vulnerabilities of the systems to mitigate risks effectively. This platform/service should assure that all connected systems are at the same security posture that can mitigate the serious threats are prevalent/expected up to the near future.
Background
Today, organisations need collaboration and support of external parties to expand/reach their customers and stakeholders. Evidently, the organisations must connect to each other, which may result in the propagation of attacks to each other. The security posture of one’s organisation is intricately expanded/extended to the security posture of one’s partners/vendors connected systems as well. Assessing the security posture of a system internally usually requires cybersecurity expert to conduct security assessment scans, but some partners/vendors don’t have such in-house cybersecurity expertise to continually monitor and maintain the security posture of their systems. Even if they get attestation reports, these don’t give current/real-time status of the system security state.
Requirements
The solution should contain, but not be limited to the following:
It should have end-to-end coverage of every system connected in the collaboration/ support tasks to understand the threats and/or vulnerabilities as they appear and alert every participant to take necessary actions to minimise the risks. Some of the expected functions are:
- It should collect the logs of the system and conduct vulnerability scan of the system.
- It should have a backend platform, that allows uploads of the security data collected from the end-point solution.
- The backend platform should consolidate the vendor security data and conduct a risk assessment to alert the potential risk/impact, produce a risk score based on an internationally recognised framework, and recommends remediation/mitigation.
- The solution should provide an alert when there is a new vulnerability and conduct an assessment on systems to identify which might be affected and at risk.
- It might also be extendable to integrate with state-of-the-art/ leading AI-enabled security suite in the market (for example, Microsoft’s Security Copilot, Google’s Cloud Security AI Workbench, etc), using API or other means, to enrich the vulnerability management capability of the platform.
- It could be designed with Privacy Enhancing Technology with the option to wipe out the previous end-point results as needed as per user and/or vendor’s request.
- The solution should be simple to configure and deploy without the need of cybersecurity professionals.
- The solution should be cost effective that can be adopted by Small/Medium Enterprises (SMEs).
CS02: Cross Domain File transfer to High Trust Network
Traditionally, OT environment is standalone and manual processes using portable storage devices is used for data/file transfer to the OT environment. Much of these tasks require external parties………
Cybersecurity Challenge
2024 Statements
CS02: Cross Domain File Transfer to High Trust Network
Challenge
Traditionally, OT environment is standalone and manual processes using portable storage devices is used for data/file transfer to the OT environment. Much of these tasks require external parties to do and consistent and proper access control is necessary. The challenge is to establish a secure environment for cross domain file transfer of files to a high-trust network. This solution will allow the secure transfer of files from external networks to the high-trust network, that comes with access control, encryption, authentication, continuous monitoring and auditing mechanisms. It shall also prevent communications that is initiated from the high trust network to the external network and allow enforcement of policies and rules that govern data sharing between different domains.
Background
Critical Systems like CII needs to be secured by utilising advanced solutions for cross-domain file transfer to a high-trust network. This initiative is critical to protect sensitive government data and ensure that the integrity and confidentiality of information are maintained when files are transferred from external networks. The high-trust network is a critical asset that hosts sensitive information, and it is imperative that the transfer mechanism is robust, secure, and reliable. The solution must be designed to mitigate potential cyber threats and prevent unauthorized access or data breaches. One of the key use case is for sending patch files or malware definitions from an external network to the high trust network.
Requirements
1. Overview of Solution Requirements:
2. Access Control:
3. Encryption:
4. Authentication:
5. Continuous Monitoring and Auditing:
6. Prevention of Outbound Communication:
7. Policy and Rule Enforcement:
8. Compliance and Standards:
9. Scalability and Maintenance:
|
CS03: Automated Cybersecurity Risk management for Cloud Application Change request
Develop a solution that can automate, simplify, and provide recommendation for the cybersecurity risk management for cloud application change requests…..
Cybersecurity Challenge
2024 Statements
CS03: Automated Cybersecurity Risk Management for Cloud Application Change Request
Challenge
Develop a solution that can automate, simplify, and provide recommendation for the cybersecurity risk management for cloud application change requests. The change requests can be for enterprise’s functional (e.g. new features) and non-functional (e.g. cybersecurity patches) updates.
Background
Any alterations to the cloud applications carry cybersecurity risks, including coding errors and unintended logic faults. Implementing new cloud applications may require changes to the configuration management such as the firewall rules and the routing tables which might affect the security posture of the system. Implementing changes requires rigorous risk assessments to mitigate these risks. An automated risk management solution is needed to perform dynamic risk assessments based on the change request, provide a recommendation for appropriate change schedules, and notify stakeholders. The dynamic nature of these operations demand swift turnaround times, but the current manual effort is inefficient to handle the volume of change requests.
Requirements
The solution should contain, but not limited to the following:
- Develop an automated risk management solution that can understand a ticketing system using Large Language Model (LLM) and conduct a risk framing from the information provided in the ticket. It should include identifying the scope of the process, asset inventory affected, prioritization, and any legal/regulatory requirement involved. The first ticketing system to be tested will be JIRA.
- It should perform dynamic risk assessment to aggregate risks arising from multiple changes, analyse past incidents arising from the changes, and identify what are the threats, vulnerabilities, and impacts.
- It should recommend a change schedule based on information such as the criticality of the assets and systems affected.
- It should provide a summarised and easy to understand information using Generative AI to notify and collect response from stakeholders.
- The solution must be scalable to support different ticketing products, such as having a common interface design for the integration to different ticketing products.
- For this project, the first ticketing tool to be integrated and tested is JIRA.
- The solution must be designed to support different Cloud Service Providers.
- For this project, the solution must support AWS, Azure and GCP
CSOC: Open Category
Innovative cybersecurity proposals that do not fulfil any of the Challenge Statements can be submitted under the “Open Category”. The proposal should clearly explain the issue(s) that …
Cybersecurity Challenge
2024 Statements
CSOC: Open Category
Innovative cybersecurity proposals that do not fulfill any of the Challenge Statements can be submitted under the “Open Category”. The proposal should clearly explain the issue(s) that it aims to address, demonstrate innovation in solving the identified problem (e.g., no existing solution, improvement(s) on existing solutions), and have concrete go-to-market plans.
For proposals submitted under the Open Category, the applicant company must secure at least one committed end-user by the third milestone. This end-user must be interested in deploying the solution if the project is successful. The company can leverage on “minimum viable products”* and/or market-ready technologies to develop cybersecurity applications with new features and functionalities that would meet the new and emerging demands of cybersecurity users.
Solution providers can submit proposals in the following focus areas including, but not limited to:
*A minimum viable product is a product with just enough features to satisfy early customers and to provide feedback for future product development.