This year’s CyberCall is looking for solutions in areas including, but not limited to, the following:
Cybersecurity for Artificial Intelligence (AI)
Safeguarding AI systems and the data they process from various cyber adversarial attacks in order to maintain the integrity, confidentiality, trustworthiness and reliability of AI applications in an increasingly connected and digital world.
AI for cybersecurity
Harnessing the power of AI to strengthen cyber defences, improve threat detection, and respond more effectively to the evolving and sophisticated nature of cyber threats, thereby helping organisations protect their systems, data and networks from cyber attacks.
Quantum Safe
Protecting critical digital systems, data, and infrastructure from the potential threat of Cryptographically Relevant Quantum Computers by transitioning to quantum-resistant solutions and enabling cryptographic agility and defense-in-depth.
Operational Technology (OT) / Internet of Things (IoT) security
Safeguarding critical infrastructure, Industrial Control Systems (ICS) and internet-connected devices from cyber threats and vulnerabilities.
Cloud security
Safeguarding data, applications, resources and infrastructure hosted in cloud environments, while maintaining the confidentiality, integrity and availability of resources in the cloud.
Privacy-Enhancing Technologies (PET)
Safeguarding the privacy of individuals and confidentiality of their data while using systems and digital services, thereby empowering individuals to manage their data securely and complying with privacy regulations.
For a start, CSA has put together a list of end-users who are looking for solutions in some of the areas mentioned above.
CS01: Analysis of Privileged Access Management Session
2024 November End User Challenge Statement
CS01: Trusted Collaboration Partner Assurance Platform
Challenge
Construct an Artificial Intelligence (AI) module designed to seamlessly amalgamate with current Privileged Access Management (PAM) systems, enabling the scrutiny of PAM session recordings to pinpoint irregularities in user behaviour.
Background
PAM serves as an identity security mechanism that identifies and obstructs unauthorised entry to vital assets while monitoring the activities of privileged users during their access to these critical resources. It maintains a record of the sessions via logs and screen video captures.
Presently, the analysis of screen recordings is conducted manually, a process that is both tedious and time-consuming. The log recordings are not exhaustive and are challenging to interpret due to their lack of natural language, while video recordings can be extensive and cumbersome to review, often leading to human oversight. Consequently, there is a pressing requirement for a cost-effective, standalone AI component that can be effortlessly incorporated into existing PAM frameworks.
Requirements
The solution should encompass, but not be limited to, the following features:
- Extract and process data from PAM solutions, handling both word-formatted logs and screen recording videos.
- Perform automated real-time behavioural analysis, comparing user actions against benchmarks or blacklisted processes.
- Control and restrict user access to designated assets.
- Conduct scheduled behavioural analyses after PAM sessions to ensure compliance with benchmarks.
- Identify and flag unacceptable behaviours during both real-time and post-session analyses.
- Recognise acceptable behaviours that may deviate from benchmarks but are not considered security risks.
- Allow for benchmark settings to be input in various formats, including release notes and natural language instructions.
- Utilise User and Entity Behaviour Analytics (UEBA) training with ‘golden images’ and typical user behaviour patterns as references.
- Operate efficiently without excessive bandwidth, time, or processing power consumption.
- Classify the confidence level of detected anomalies into categories such as HIGH, MEDIUM, and LOW.
- Provide real-time and post-session alerts for detected anomalies.
- Enable querying of recording contents using natural language.
- Generate analysis reports in a user-friendly format.
Additional Information
- Integrate smoothly with existing PAM systems without complex setup procedures or loss of existing PAM features.
- Function in offline environments, particularly in Operational Technology (OT) settings.
- Be compatible with both Information Technology (IT) and OT environments, accommodating one-way data transfer from OT to IT using Data Diodes.
- The solution may be a non-video analytic tool, provided it meets the requirement
CS02: Data Security Incident Management
2024 November End User Challenge Statement
Challenge
Create a data security management tool that autonomously identifies and safeguards data instantaneously, employing Artificial Intelligence to ascertain the sensitivity of data contingent on context as opposed to predefined rules.
Background
New AI technologies such as Copilot enable organisations to operate more efficiently and effectively. These systems can analyse data from both within and outside the organisation, delivering results based on the user’s prompts. However, they also introduce new risks to data management and privacy.
To integrate new AI technologies like Copilot, our organisation must enhance our capabilities to:
- Comply with Personal Data Protection Laws in the various countries where our organisation operates.
- Prevent the spread of data breaches across our global network.
- Respond to any data breaches as swiftly as possible.
Given the vast amount of unstructured data, it is impractical to preprocess and label all data at rest. We need a solution capable of independently identifying and protecting data in real-time. Most solutions on the market rely on precise definitions to identify data, which often results in a low accuracy rate due to a lack of contextual understanding.
Requirements
The solution should encompass, but not be limited to, the following features:
- Utilising AI to determine data sensitivity based on context rather than predefined rules. For instance, training the system to recognise the nature of documents such as business contracts, personal information, etc.
- The capability to monitor and detect potential real-time data breaches as they occur.
- The ability to generate user-friendly summaries of data breach incidents for reporting to senior management and local authorities.
- The provision of a comprehensive dashboard for reporting on risk and compliance status.
- Management of data loss prevention strategies (restricting email, USB transfers, printing, etc.) in line with designated data classifications.
Additional Information
The solution could be a standalone end-to-end system or an integration with existing Data Loss Prevention products.
CS03: Incorporating Generative AI into Cybersecurity Incident Management in OT/IoT.
2024 November End User Challenge Statement
Challenge
Develop a cyber security incident response utility employing GenAI to synthesise the incident details, carry out an impact assessment, offer remediation strategies, and compile a report summary.
Background
Cybercriminals around the world now have access to new AI tools as these become more commercially available. These tools significantly enhance their ability to conduct sophisticated cyber-attacks. The inherent limitations in OT/IoT environments, such as the inability to install agents and security tools, further increase cybersecurity risks.
To adapt to these changing times and upgrade our capabilities, our organisation must also embrace AI to bolster our rapid response to cyber-attacks while meeting global regulatory reporting requirements. The solution we seek should not only reduce response times but also improve the accuracy of incident handling in OT/IoT environments.
Our organisation requires a swift response to any cybersecurity incidents to enhance our capabilities in responding to cyber-attacks and to comply with reporting requirements from regulators worldwide, thereby protecting our Operational Technology (OT)/Internet of Things (IoT) environments globally.
Requirements
The solution should encompass, but not be limited to, the following features:
- The ability to collect information on and conduct analysis of a cybersecurity incident.
- The ability to conduct impact analysis of the cybersecurity incident.
- Utilising AI to summarise the cybersecurity incident and generate user-friendly reports for management and local authorities.
- Ensuring that incident summarisation is conducted swiftly, within the response times mandated by local authorities.
- The ability to identify the point of entry and the path of the cybersecurity incident to pinpoint vulnerabilities within our organisation.
- The ability to provide recommended remediation and guided responses.
Additional Information
The solution could be an end-to-end system or an integration with existing Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), or extended Detection and Response (xDR) platforms.
CSOC: Open Category
2024 November Open Category Challenge
Innovative cybersecurity proposals that do not fulfill any of the Challenge Statements can be submitted under the “Open Category”. The proposal should clearly explain the issue(s) that it aims to address, demonstrate innovation in solving the identified problem (e.g., no existing solution, improvement(s) on existing solutions), and have concrete go-to-market plans.
For proposals submitted under the Open Category, the applicant company must secure at least one committed end-user by the third milestone. This end-user must be interested in deploying the solution if the project is successful. The company can leverage “minimum viable products”* and/or market-ready technologies to develop cybersecurity applications with new features and functionalities that would meet the new and emerging demands of cybersecurity users.
Solution providers can submit proposals in the following focus areas including, but not limited to:
*A minimum viable product is a product with just enough features to satisfy early customers and to provide feedback for future product development.