
Ref. Ares(2019)7414978 - 02/12/2019

D7.4 COMPACT Exploitation Results


Work Package: WP7
Lead partner: G & N Silensec LTD (GNSIL)
Author(s): Almerindo Graziano, Georgios Nicolaou, Walter de Donato (GNSIL),
Marco Angelini, Francesca Giampaolo (ENG), Luigi Coppolino, Luigi
Sgaglione (CINI), Nelson Escravana (INOV), Exthaun Sanchez (S21SEC),
Amedeo D’Arcangelo (KSP-IT), Cornelia Genderslicht (AIT)
Due date: 31st October 2019
Version number: 1.0 Status: Final
Grant Agreement N°: 740712
Project Acronym: COMPACT
Project Title: COmpetitive Methods to protect local Public Administration
from Cyber security Threats
Call identifier: H2020-DS-2016-2017
Instrument: IA
Thematic Priority: Secure societies – Protecting freedom and security of Europe
and its citizens
Start date of the project: May 1st, 2017
Duration: 30 months

Dissemination Level
PU: Public ✓
PP: Restricted to other programme participants (including the Commission)
RE: Restricted to a group specified by the consortium (including the Commission)
CO: Confidential, only for members of the consortium (including the Commission)

Project co-funded by the European Commission under the Horizon 2020 Programme.
COMPACT - D7.4 COMPACT Exploitation Results

Revision History
| Revision | Date | Who | Description |
|---|---|---|---|
| 0.1 | 01/09/19 | GNSIL | First Draft |
| 0.2 | 08/11/19 | GNSIL, ENG, CINI, INOV, S21SEC, KSP-IT, AIT | Partners Contribution Integrated |
| 0.3 | 11/11/19 | GNSIL | Draft Ready for Review |
| 1.0 | 29/11/19 | GNSIL | Version ready to be published |

Quality Control
| Role | Date | Who | Approved/Comment |
|---|---|---|---|
| Reviewer | 28/11/2019 | KSP-IT | Approved with comments |
| Reviewer | 29/11/2019 | INOV | Approved with comments |


Disclaimer:
This document has been produced in the context of the COMPACT Project. The COMPACT
project is part of the European Community's Horizon 2020 Program for research and
development and is as such funded by the European Commission. All information in this
document is provided "as is" and no guarantee or warranty is given that the information is fit
for any particular purpose. The user thereof uses the information at its sole risk and liability.
For the avoidance of all doubts, the European Commission has no liability with respect to this
document, which is merely representing the authors’ view.


Table of Contents
Executive summary
1. Introduction
2. Market and Competitor analysis
2.1. Security Training and Awareness
2.2. Cyber security Monitoring
2.2.1. Security Information Events Management (SIEM)
2.2.2. Business Activity Monitoring
2.2.3. Managed Security
2.3. Risk Assessment
2.4. Knowledge Sharing
2.5. Impact Summary
3. Exploitation Results
3.1. S21Sec
3.2. SILENSEC
3.3. ENG
3.4. AIT
3.5. BIT
3.6. INOV
3.7. CINI
3.8. KSP-IT
4. COMPACT Business Model Evolution and Post Project Exploitation
4.1. SWOT Analysis
4.1.1. Strength
4.1.2. Weaknesses
4.1.3. Opportunities
4.1.4. Threats
4.2. Post-Project Exploitation
5. Conclusions


List of Figures
Figure 1 - COMPACT Services
Figure 2 - Security Awareness Market Leaders According to Gartner
Figure 3 - Investments Received by KnowBe4 over COMPACT lifetime
Figure 4 - Companies acquired by KnowBe4
Figure 5 - SIEM Vendors Market Leaders According to Gartner
Figure 6 - MSSP Market Leaders According to Gartner

List of Tables
Table 1 - COMPACT Platform's architectural components
Table 2 - Impact of Changes to COMPACT Exploitation
Table 3 - Sentinel Exploitation Strategy
Table 4 - OpenIntel Exploitation Results
Table 5 - Cyber Range Exploitation Results
Table 6 - OPENESS.EDU Exploitation Results
Table 7 - RATING Exploitation Results
Table 8 - TO4SEE Exploitation Results
Table 9 - CyberConnector Exploitation Results
Table 10 - AIT Games Exploitation Results
Table 11 - AIT's Human Factor Profiling Exploitation Results
Table 12 - BIT Exploitation Results
Table 13 - BP-IDS Financial Exploitation Results
Table 14 - BP-IDS Research Exploitation Results
Table 15 - CINI SOC Exploitation Results
Table 16 - CINI SOC Exploitation Results
Table 17 - Kaspersky Exploitation Results
Table 18 - COMPACT Updated SWOT Analysis


Definitions and acronyms

B2C Business to Consumer


B2B Business to Business
BP-IDS Business Process based Intrusion Detection System
CC CyberConnector
CERT Computer Emergency Response Team
CyberConnector An internal knowledge collaboration site and social network that is
used to share all the information among partners. Referred to also
as CC.
DoA Description of Action
DPO Data Protection Officer
GDPR Global Data Protection Regulation
GUI Graphic User Interface
IPS Intrusion Prevention System
LPA Local Public Administration
MST Management and Support Team
MSS Managed Security Service
MSSP Managed Security Service Provider
PC Project Coordinator
PDCA Plan Do Check Act
SC Scientific Coordinator
SIEM Security Information and Event Management
SNMP Simple Network Management Protocol
SOC Security Operations Center


Executive summary

COMPACT is a cloud-based platform for the provision of security services to Local Public
Administrations that includes risk management solutions, security monitoring capabilities,
best practice guidelines and gamified security awareness training. The COMPACT Platform
and its associated integration and scalability capabilities have been created hand in hand with
the development of a suitable business model that would enable COMPACT to achieve
self-sustainability and growth while at the same time providing immediate value to the current
project partners. This deliverable contains COMPACT exploitation results in relation to the
exploitation plan and strategy developed by the project consortium. The exploitation results
are a function of the effort produced by each partner individually and by the consortium as a
whole and they take into consideration the changes in technology and the market, which have
been observed during the lifetime of the project. Such changes have been tracked and input
from project trials has been taken into consideration to positively affect the outcome and
exploitation results while trying to maintain the proposed focus of the project.

The results achieved show the significant importance given by COMPACT to the exploitation
activities, both by individual partners and by the Consortium as a whole. A number of
exploitation results have already been achieved while more results are in the making and will
be achieved a few months after the project’s conclusion.

1. Introduction

The COMPACT exploitation results capture the results of the work activities carried out by
COMPACT partners and by the project consortium as a whole. While the main objective of the
project was to deliver a commercially viable solution to address the security needs of local
public administration, financial exploitation was not the only criterion addressed by the project
exploitation strategy: operational and research exploitation results have also been achieved
and they are described in this document.

This document is structured as follows:

Section 2 contains a review of the market landscape, outlining the key changes in the technology,
market and competitor landscape as they pertain to the COMPACT exploitation strategy and plan,
as well as to COMPACT’s ability to follow that plan and achieve the intended results. The content
of the section is the result of the continuous monitoring carried out by COMPACT and by its
partners during the lifetime of the project, and it shows how the changes identified have affected
and will affect the ability of COMPACT to achieve its exploitation objectives.

Section 3 contains the project exploitation results in relation to the exploitation plans made,
also comparing the plans made with the results achieved and it outlines the post-project
exploitation plan.

Section 5 contains some final remarks and conclusions in relation to the COMPACT
exploitation.


2. Market and Competitor analysis


This chapter shows the results of COMPACT’s continuous monitoring activities in relation to
the market and the competitor landscape and how they have been taken into consideration
to review and, where appropriate, update the COMPACT exploitation strategy and plans. Such
monitoring is in line with the PDCA model, thus ensuring COMPACT was able to detect new
trends and possibilities, in order to then allow the consortium to improve its exploitation plan
or even affect the business model strategy.

Since the beginning of the project and over a period of three years a number of changes have
occurred in the market. In the initial phases of the project, a detailed analysis was carried out
to investigate the potential competitors and possible unique selling points offered by both
COMPACT as a whole and by the tools and products provided by the COMPACT partners
individually. This section contains a summary of the key changes identified from the market
and competitor analysis, with special emphasis on those changes affecting the ability of
COMPACT and its partners to execute the planned exploitation strategy.

COMPACT has developed a range of services, tools and learning and awareness content,
available through an online platform. Specifically, deliverable D3.1 Services and Contents
Specifications contains a description of the services and related tools included in COMPACT
and represented in the following figure.

Figure 1 - COMPACT Services

The following table summarizes the list of services associated to each service category.
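| Category | Service |
|---|---|
| Security Training and Awareness | Human Factor Awareness |
| Security Training and Awareness | Security Awareness through Gamification |
| Cyber security Monitoring | Cyber Threat Intelligence |
| Cyber security Monitoring | Security Monitoring |
| Cyber security Monitoring | Website Monitoring |
| Cyber security Monitoring | Business Intrusion Detection |
| Risk Assessment | Social Engineering (SE) Exposure Evaluation Service |
| Risk Assessment | Risk Assessment |
| Knowledge Sharing | Sharing of IoCs |
| Knowledge Sharing | Best Practice and guidelines on InfoSec Controls |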


Table 1 - COMPACT Platform's architectural components

2.1. Security Training and Awareness

The landscape of security awareness and security awareness gamification has increased
tenfold since the beginning of the project. In this domain the following key changes have
occurred and have been captured by COMPACT:

Further consolidation of key market players of security awareness – Reviewing the market
leadership of the security awareness and training market, one finds that no new players have
entered the market. The following figure summarizes the key players in the security awareness
market as they are tracked by research firm Gartner.

Figure 2 - Security Awareness Market Leaders According to Gartner

At the same time the players that existed in the marketplace at the beginning of COMPACT
have actually consolidated their position of strength. For instance, the current leadership by
KnowBe4 has been consolidated through huge funding rounds (nearly $400M, as shown in
Figure 3) and through the acquisition of a number of companies as reported by Crunchbase,
and detailed in Figure 4. These events have happened during the lifetime of COMPACT.


Figure 3 - Investments Received by KnowBe4 over COMPACT lifetime

Figure 4 - Companies acquired by KnowBe4

Security Gamification not proven to be Mainstream – It is interesting to note that none of
the key market players in the security awareness domain are in the business of security
awareness gamification, nor are Gartner or other research organizations currently tracking that
market beyond the mere mention. That is to say that organizations are not yet investing in
gamified security awareness or that maybe the security awareness gamification industry is
not mature enough to address the market needs. On the other hand, gamification has been
more and more adopted and is becoming mainstream in the field of security training, including
by COMPACT partner Silensec with their Cyber Range and by companies such as Security
Innovation with their CMD+CTRL Cyber Range platform or Circadence with their Project Ares
cyber range platform, where gamification is very pronounced. When it comes to security
training, the aspect of replayability of the game is addressed far better, thus allowing users to
have a more continuous engagement with the training platform.

Security Awareness Gamification fails to engage beyond first play – A state of the art review
on security gamification carried out at the beginning of the project produced a good number
of games and initiatives in this field. However, that is nothing compared to what the state of
the art review can gather today. However, one key aspect that has failed to mature and to
produce convincing results is corporate security awareness gamification. In other words,
security gamification has been explored and used primarily as an awareness tool involving
small groups of users at a time. A typical example is provided by the security awareness games
developed by organizations such as Kaspersky as a way of sensitizing the managers of an
organization and getting them to take actions that would improve the security of the organization.


That is because security awareness games lack a fundamental aspect of any successful game,
which is the ability to be replayed over and over again. Unfortunately, most security
awareness games currently on the market are meant to be played once and not repeatedly, and
user progress cannot be tracked across multiple game instances: first, because multiple game
instances do not make sense (playing a game we know all the answers to is not fun), and second,
because the games are not integrated with the corporate learning management systems to
track user progression.

Renewed investment and focus on content more than active participation – In the
information era, it is a fact that content is king and that’s where companies operating in the
security awareness field invest, competing on who has the richer and wider list of content,
catering for multiple languages and different security awareness domains. However, the
prevailing trend in security awareness products is the phishing simulation complemented by
content. That is because phishing is still the prevailing attack vector exploiting human error
and the lack of security awareness in most organizations. As a result, products in the security
awareness domain are based on the establishment and tracking of phishing campaigns
complemented by short awareness training pills. What is still missing is the active participation
of the users who are instead tracked to ensure they watch the training pill videos and do not
click on simulated phishing links.

2.2. Cyber security Monitoring

The security monitoring category of tools and services is the largest one in COMPACT as it
encompasses almost the entire security product space in the market. That is because for every
security product an LPA or an organization may choose to use, a security monitoring and/or
managed security service can be provided to that organization. Two large macro categories
can however be identified in this domain, in relation to the set of security services offered by
COMPACT.

2.2.1. Security Information Events Management (SIEM)

One of the key services developed by COMPACT is the Security Operation Center (SOC), which
is delivered through an advanced Security Information Events Management (SIEM) platform
and a number of agents and connectors capable of collecting events from an LPA and
specifically from a range of standard systems (servers, client desktops and applications) as well
as security controls such as business process intrusion detection systems, Web server
protection controls and cyber threat intelligence platforms. As such, the SOC captures a key
service provided by COMPACT and through the SOC, LPAs also enjoy better visibility of other
security tools and services that are integrated with the SIEM. Gartner’s Magic Quadrant best
captures the SIEM market players.


Figure 5 - SIEM Vendors Market Leaders According to Gartner

The SIEM provided by COMPACT through its SOC service can compare with best of breed
SIEMs on the market in terms of functionalities and scalability while at the same time
providing a cost advantage. Like any solution based on open source technology, the
COMPACT SIEM also has the advantage that it can potentially leverage the support of
community users and publicly available documentation. However, with regard to the SIEM
market space, the major change that has occurred in the market, and is still ongoing, is the
shift to support cloud infrastructure as more and more organizations migrate their systems and
services to the cloud. To that extent, the term Cloud SOC refers to a SOC focused
on providing security monitoring and response over cloud data and infrastructures. Typical
features of cloud SOCs include:

• Monitoring of cloud app data;

• Native data loss prevention (DLP) with automated data classification to prevent
accidental or malicious loss of confidential data;

• Real-time traffic processing using native cloud APIs and input from numerous data
feeds;

• Monitoring, data governance, threat protection, and policy controls for sanctioned and
unsanctioned cloud accounts.


The COMPACT SIEM can also be used to provide Cloud SOC services, but no use cases were
applicable within COMPACT to test such a scenario.

2.2.2. Business Activity Monitoring

Business Activity Monitoring (BAM) makes it possible to monitor processes and to recognize
anomalous behaviours, violations of specifications, and violations of SLAs that suggest a possible
advanced threat such as an APT or a stealthy attack. BAM describes the
processes and technologies that enhance situation awareness and enable analysis of critical
business performance indicators based on real-time data. Business Activity Monitoring is
sometimes compared to and confused with Business Intelligence, which is a technology-driven
process for analysing data and presenting actionable information to better operate or manage
an organization. The data analysis in Business Intelligence is carried out at pre-determined
intervals or ad hoc. Conversely, Business Activity Monitoring focuses on
performing real-time analysis of data coming from business processes and activities, to
monitor key performance indicators (KPIs), which are usually presented across a number of
dashboards. Traditionally, BAM also includes notification and tracking functionalities to help
act upon monitored KPIs and related deviations.

The BAM field is the one least affected in COMPACT, especially in relation to new players and
products appearing on the market during the lifetime of the project. BAM is highly
research-led and in its simplest form relies upon the use and adoption of Process-Aware
Information Systems (PAIS), which are software systems used by organizations to manage and
execute operational processes involving people, applications, and/or information sources.
The most classic examples of PAIS are workflow management systems and case-handling
systems. However, the use of PAIS most often relies on the business process modelling (BPM)
to first model and define the processes, which are then managed through a PAIS. In many
cases however process mining methodologies are followed. Process mining is designed to
discover, monitor and improve real processes by extracting knowledge from event logs readily
available in the organization’s information systems. Process mining includes automated
process discovery (i.e., extracting process models from an event log); conformance checking
(i.e., monitoring deviations by comparing model and log); social network/organizational
mining; automated construction of simulation models; model extension; model repair; case
prediction; and history-based recommendations.

2.2.3. Managed Security

Over the years, remote technology administration and management has become widespread
and commoditized by most managed service providers. However, over the last five
years and more so during the lifetime of the COMPACT project, the same has begun to happen
to a greater extent to the provision of managed security services. Large organizations
especially are looking at MSSPs providing 24x7 monitoring and response services in order to
address threat detection use cases and to add capabilities that fill gaps in their
security controls as needed, such as incident response or vulnerability
management. Also, as organizations pursue cloud-oriented and cloud-first approaches, the
scope of security monitoring service requirements is also expanding. This reflects the
expansion of security event monitoring beyond the confines of traditional managed security
applied to the client’s on-premises perimeter.

When it comes to procuring managed security services, organizations fall very broadly into
three main categories:

• Small organizations – These are organizations with no official security staff, where the
ICT staff is composed of usually just 1-3 people mostly providing ICT support and basic
security hygiene and awareness to employees. Such organizations seek basic and
cost-effective managed security services to meet legal and regulatory compliance
requirements as well as other risk reduction requirements set by their executives.
Many LPAs fall into this category.
• Average organizations – These are organizations that follow best security practice to a
varying degree of compliance but do not have a strong security focus, or for which the cost of
having a strong security posture vastly outweighs the organization’s business needs.
Yet security requirements must be complied with, either because of the applicable laws
and regulations or to minimize the impact of security threats. This category includes
the majority of organizations, including larger LPAs.
Organizations in this category tend to look for detection-led managed security
engagements, which combine exposure management and incident response with the
identification of threats.
• Security-mature organizations – These are typically either large organizations or SMEs
with a strong focus on security. Such organizations choose MSSPs to augment their
existing capabilities and processes, to provide efficiency and to create space for
prioritizing high-risk and advanced threats. Typical examples in this category
include financial institutions or telecommunication companies.

The following figure summarizes the key players worldwide in the MSS space according to
Gartner.


Figure 6 - MSSP Market Leaders According to Gartner

MSSPs’ portfolios usually include one or more of the following managed services, in addition
to other services that may be specific to the MSSP’s core market (e.g., IT outsourcing or
telecommunications):

• Security technology administration and management of firewalls, unified threat
management (UTM), intrusion detection and prevention system (IDPS), endpoint
protection platform (EPP), endpoint detection and response (EDR), secure web
gateway (SWG) and secure email gateway (SEG)
• Incident response services (both remote and on-site)
• Vulnerability assessment and managed vulnerability management services (e.g.,
scanning, analysis and recommendations/remediation)
• Threat intelligence services (e.g., machine-readable threat intelligence feeds,
customer-specific dark web and social media monitoring)
• Managed detection and response (MDR) services – MDR is a service, usually delivered
24x7, providing threat monitoring, detection and lightweight response leveraging a
combination of technologies deployed at the host and network layers, advanced
analytics, threat intelligence, and human expertise in incident investigation and
response.


Besides the above pure-play security service providers, hundreds of smaller,
geographically focused MSS providers have appeared and continue to appear around the
world, offering detection-led and highly competitive services, in some cases leveraging the
offerings and products developed by the larger providers and vendors and in many cases
offering services based on open source solutions.

2.3. Risk Assessment

With regard to risk assessment, the major change affecting COMPACT and its business model
is the increasing shift to digitalization initiatives and digital transformations that is affecting
organizations worldwide, including LPAs. The impact that digital transformation is having on
the way organizations assess and manage their risks is more and more being affected by a
number of factors, some of which were less prominent at the time COMPACT started and
which are described below. In summary, risk assessment tools and methodologies need to be
updated to be more in line with the digital transformations occurring worldwide.

Increased autonomy of users – Digital transformation initiatives often increase the autonomy of
end users regarding their use of information and digital systems. This makes conventional user
lockdown security strategies increasingly unsustainable. Security and risk management leaders
face an ever-growing challenge of dealing with the human dimension as a key element of their
security programs.

Increased End Points Within and Outside the Perimeter – Digital business transformation
introduces an exponential increase in the number and complexity of systems, users,
applications, endpoints, "things," partner relationships and transactions that must be
protected. It also introduces an increasing number of external systems, users, infrastructure
and things interacting with internal corporate applications and data.

Changing Trust Model – Increasingly, IT does not own or control the consumption or delivery
sides of technology. In the case of cloud-based services, they may or may not control the
network, server, OS or application the end user is consuming. Such a shift means that
organizations can no longer turn to device ownership, lockdown and control as a means to
protect information. Device ownership and tight control were used as proxies for trust. As this
no longer applies, new models of trust are needed. Traditional trust models do not scale to the
scope, spontaneity and agency required in digital business. Digital trust emerges to establish
and manage trust in the myriad digital interactions and relationships between businesses,
individuals and things.

Dynamic Infrastructure, applications and business interactions – Digital business


exponentially increases the number of points of failure within and outside the perimeter,
exposing enterprises to larger and more complex risks. Security and risk management leaders
are challenged to clearly understand the complexities of digital business ecosystem resilience.
Most information security infrastructure to date is designed with a macro, binary, allow-or-block
mentality, and lacks sufficient visibility and risk/trust assessments. Thus, information security
leaders default to "no," incurring opportunity costs and, in some cases, causing business units
to bypass security with digital business initiatives. Mainstays of security protection using
signature-based blocking and prevention such as antivirus and intrusion prevention systems
fail to stop zero-day and targeted attacks. Traditional identity and access management
protection that allows the good based on one-time authentication events fails to detect stolen
credentials and insider threats.

Security Governance – Conventional centralized security governance models are challenged
as a result of increasing adoption of digital business solutions from within the business.
Existing security governance has an overemphasis on the controls and ownership of data,
which breaks down in new digital business scenarios such as the Internet of Things, open data
and autonomous users. Embracing the opportunities of digital business while keeping risk
manageable challenges the traditional approach. All systems and devices must be considered
potentially compromised and their behaviors continuously assessed for risk and trust.

Beyond CIA – While traditional security focuses on the preservation of Confidentiality, Integrity
and Availability (CIA), digital transformation and the resulting digital business also emphasize
the privacy, safety and reliability requirements. The privacy requirement is driven by the
increasing regulatory and societal pressure (e.g. the GDPR). The focus on human
safety and system reliability is a direct consequence of increasing integration of operational
and Internet of Things (IoT) technology with conventional IT systems.

Demand for accelerated application development – The increased reliance on applications
for everything from critical to mundane business tasks and the potential to deliver competitive
differentiation through well-designed applications have led to a demand for accelerated
application development. This paradigm has further challenged application security
practitioners to provide reasonable security measures and risk management within a tighter
timeline and without unduly disrupting the advancement of business objectives through
application development.

Bimodal Practices – Digital innovation projects look significantly different from traditional
application development projects. As such, organizations adopt a bimodal IT strategy, managing
two separate, coherent modes of IT delivery. Mode 1 is aimed at projects related to core
system maintenance, stability or efficiency, which require highly specialized programmers and
traditional, slow-moving development cycles. Mode 1 projects require little business
involvement. Mode 2 is for the development of projects that help innovate or differentiate the
business and which naturally require a high degree of business involvement, fast turnaround,
and frequent update. Mode 2 requires a rapid path (or IT ‘fast lane’) to transform business
ideas into applications. Bimodal practices are posing new challenges for security governance.
Security and risk management leaders need to understand the new requirements for
governing more-experimental Mode 2 projects, including changing their mindsets as to how
security resources should be allocated to Mode 2 initiatives. Furthermore, security must be
integrated at multiple points into DevOps workflows in a collaborative way that is largely
transparent to developers, and preserves the teamwork, agility and speed of DevOps and agile
development environments, delivering DevSecOps.


2.4. Knowledge Sharing

Since its adoption by Silensec, MISP has increasingly become the de facto standard in
threat sharing around the world. While the main target users of MISP were and continue to
be computer emergency response teams (CERTs), the improvement of MISP in terms of
usability and functionalities as well as the better integration with open source and third-party
threat intelligence feeds have made it a natural candidate tool for local public administrations
and for organizations in general, which cannot afford expensive threat intelligence solutions
but do want to tap into an international network of threat analysts and professionals.
Over the course of COMPACT, MISP has witnessed growth both in terms of functionalities and
in terms of adoption by organizations worldwide.

2.5. Impact Summary

The following table summarizes the impact made by changes in the competitor landscape to
COMPACT in terms of either product or business model.

Domain – Summary of Impact

Security Training and Awareness – COMPACT’s bet on innovation for the development of
gamified security awareness has been somewhat matched by the industry, where a large
number of games have been developed. However, while COMPACT aimed to develop and
deliver such games as a sustainable service, security vendors in the market established
themselves focusing on content creation (primarily videos) and phishing campaign simulation.
Those players who developed security awareness games did so in order to gain a foothold
into new clients to then upsell their main services and products. Gamification has become
more successful in the security training domain and this also influenced the development
focus of the security and awareness services developed by COMPACT later in the project.

Cyber security Monitoring – The high level of commoditization of security tools and even
services has made price an even more relevant and decisive factor when choosing a
solution. COMPACT provides tools which now compete with even cheaper and more easily
supported tools from international vendors. Furthermore, the ability to offer COMPACT as a
whole has decreased since many organizations already have security solutions in place and
therefore using COMPACT would introduce higher integration challenges, which may have
been foreseen at the beginning of the project.

Risk Assessment – The increasing digital transformation wave means that traditional risk
assessment tools and methodologies must be updated and adapted to assist organizations
in dealing with a changing threat landscape, users, services and more cloud-based
infrastructures. Overall, such changes impact the more traditional risk assessment tools and
methodologies offered by COMPACT.

Knowledge Sharing – Little impact since the product chosen has become even more
mainstream and its adoption by COMPACT proved to be a good choice.

Table 2 - Impact of Changes to COMPACT Exploitation

3. Exploitation Results

Exploitation of the COMPACT results is organized into three distinct categories. The three
categories are reported here.

Operational Exploitation – This type of exploitation relates to the use of COMPACT results to
bring about improvements in the Partner’s daily operations such as reducing cybersecurity
risks, reducing costs of cybersecurity operations, improving the effectiveness
of business processes etc. While financial benefits may be brought about to
the Partner, those benefits are not considered financial exploitation as the partner is not
pursuing commercialization of the COMPACT results;

Financial Exploitation – This type of exploitation relates to the use of COMPACT results
toward revenue generation through the commercialization of COMPACT results. Examples
may include the resale of COMPACT products and services to third parties by a COMPACT
partner. A COMPACT product or service may be sold by the partner developing that service
or by another COMPACT partner or even a third party through the establishment of
partnership agreements;

Research Exploitation – This type of exploitation relates to the production of research output
such as publications and participation in academic conferences by a COMPACT partner to
advance the partner’s research agenda and work.

Individual exploitation by COMPACT partners will fall into any of the above categories and
each partner may have an exploitation plan across different categories. The following sections
outline the individual partners’ exploitation plans.

3.1. S21Sec

S21SEC was founded in 2000, becoming the first professional cybersecurity company in Spain,
having been recognised in that year with the McKinsey Start Up Award. Through its more than
15 years of establishment in the cybersecurity business industry, it has been on a path of
constant growth and innovation with the aim of preventing and managing the risks which
organizations and people are exposed to in their digital lives. To share some landmarks, in
2005 it launched its corporate security management platform, Lookwise, and its
internationalisation process began, with the opening of its office in Mexico. In 2006, it
launched the first European Cybersecurity Innovation Centre. Shortly after, S21SEC launched
an eCrime anti-fraud service portfolio, started to work with Intelligence Agencies, and created
the first Spanish private CERT (Computer Emergency Response Team). In 2015, it became the
first Spanish company to sign a Memorandum of Understanding with Europol for the fight
against cybercrime.


With over 250 experts - one of the largest teams in Europe fully focused on cybersecurity,
S21SEC is able to bring a wide portfolio of expertise on: Managed Security Services; Advanced
Cyber Services (anti-fraud/eCrime, intelligence, red team); White Hat Professional Services
(auditing and advanced hacking, strategy and compliance consulting, technology
deployment), Technology Cyber Solutions – Lookwise (security management, monitoring
solutions and endpoint protection) and Digital Surveillance; Cybersecurity Innovation; and
Training. The company is certified under ISO-9001 and ISO-27001 standards.

Exploitation Type: Operational
Product/Service: Sentinel
Exploitation Plan
S21sec aims to exploit the results of the work done on Sentinel financially.

Sentinel is a product that was originally envisioned for corporate targets, which are the
main customers of S21sec. As a result, the presence of Sentinel in LPAs is currently
marginal. The inclusion of Sentinel in a project specifically oriented to LPAs will allow.

Besides, including Sentinel in an integrated platform such as COMPACT allows the market
for the Sentinel platform to extend to LPAs in countries where sales presence is limited.
Exploitation Results
Thanks to the work done in COMPACT and through the validation of Sentinel in the LPA
domain, S21Sec was able to gain a stronger understanding of the LPA domain and
associated business requirements, which allows S21sec to correctly position and present
Sentinel to the LPA market.

Summary of Deviations from the Exploitation Plan
No deviations
Table 3 - Sentinel Exploitation Strategy

3.2. SILENSEC

Silensec is an Information Security Management Consulting and Training company specialized
in the development and delivery of advanced services across all areas of information security
from the protection of infrastructure up to the classification and protection of data. For over
a decade Silensec has also trained thousands of professionals and delivered competence-
building services to clients worldwide including government, financial institutions,
telecommunication companies and more. Silensec’s mission is to help people develop
exceptional competences and professionalism in all areas of information security. To help
address the growing cybersecurity skills gap, Silensec has developed a comprehensive set of
training and competence building products and services aimed at professionals, private
organizations, academia and government.


Silensec Training

Silensec has developed a portfolio of over 30 training courses
across the different categories of awareness, proaction,
prevention, detection, reaction and compliance. Courses offered
range from ethical hacking to mobile forensics, reverse
engineering and malware analysis up to security management and
security standards compliance. Silensec courses have been
delivered to professionals and organizations worldwide. Technical
courses are delivered and assessed hands-on through Silensec
Online Learning Environment (SOLE), a state-of-the-art cloud-based platform where students
can practice their cybersecurity skills and gain practical experience.

Silensec Academy

Silensec Academy empowers academia
and large organizations to train as many
professionals as they can while at the
same time ensuring quality, structured
learning and the development of practical competences. Silensec Academy provides a cost-
effective way for developing wide-reaching competence building programmes that can
positively impact the growing cybersecurity skills gap. Silensec Academy is aimed at
universities, large corporate organizations and government.

Silensec Cyber Range

Silensec has developed a Cyber Range Platform that
can be used by both individuals and organizations to
practice cyber security skills in a fun and challenging
way. The design of the Silensec Cyber Range combines gamification principles with interactive
challenges to test cyber security competence across a wide range of domains, either
individually or in a team against others. Silensec Cyber Range Platform provides a scalable
turnkey solution with pre-built scenarios, challenges and a wide range of pre-configured
virtual machines which enable an organization to set up a cyber competition within a few
minutes!

Silensec Security Awareness

Silensec pioneers innovative methods for the delivery of security
awareness content. Over the years Silensec has produced and
published editorial illustrations on current cybersecurity news,
and security best practice. Fortune 500 organizations rely on
Silensec for the development of security awareness newsletters
and content. Other services include the development of national security awareness
campaigns such as online child safety and more.


Exploitation Type: Financial
Product/Service: OpenIntel
Exploitation Plan
Silensec aims to exploit the results of the work done on OpenIntel financially in two
specific market categories:

SME – With regards to the SME market, the cost of currently available Cyber Threat
Intelligence solutions is very high, which makes it difficult for SMEs to acquire such solutions.
Silensec aims to use COMPACT to validate the functionalities of the OpenIntel platform
and business model to then extend its use to other SMEs.

Government – OpenIntel has been developed to target primarily government use and
especially by national regulatory authorities to monitor the cybersecurity level at a
national level. Current solutions on the market are very expensive and OpenIntel can
provide a cost effective alternative. Silensec aims to use the work done on OpenIntel with
regards to the collection of IoCs from open-source and commercial feeds and the
development of a risk dashboard to achieve financial exploitation from the government
market.
Exploitation Results
OpenIntel has been successfully exploited by Silensec in two business opportunities, which
have matured in 2019. Specifically OpenIntel was sold as part of a business proposition to:

- A national telco in Africa as part of a wide consultancy and system integration
project where Silensec is developing and consulting for the establishment of a
corporate SOC. Within this context, OpenIntel has been sold to provide threat
intelligence to the client’s SOC.
- A national regulatory authority in Africa, where Silensec has partnered with
Deloitte Italia to develop a national CERT including the delivery of training and the
provision of the threat intelligence services through the OpenIntel platform.

A further exploitation of OpenIntel is the fact that it also contributed to the
development of a partnership with Deloitte Italia.
Summary of Deviations from the Exploitation Plan
The exploitation results have been in line with plan and in fact exceeded Silensec’s
expectations. However, given the time to market and the existing maturity of the threat
intelligence marketplace, Silensec is considering the CERT/Gov market as the key niche
market in which to invest further in order to achieve financial exploitation of OpenIntel.
Table 4 - OpenIntel Exploitation Results

Exploitation Type: Financial
Product/Service: Cyber Range and SOLE
Exploitation Plan
Silensec aims to exploit the results of the work done on Cyber Range and SOLE financially
across the corporate sector worldwide. The current security gap is predicted to be 3.5
million jobs by 2021.
Silensec aims to become a player in the online hands-on security training domain and to
be able to offer its security training courses to different corporate sectors, beginning with:

- National CERT – Silensec collaborates with the ITU for the delivery of regional
cyber drills to national CERTs. They will be Silensec’s primary target audience

- Telcos – This is Silensec’s most served business sector

- Finance – This is Silensec’s second best served business sector

- Government – Here Silensec aims to use SOLE and Cyber Range for the
development and delivery of national cyber security competitions
Exploitation Results
During the course of COMPACT and through the monitoring of the security awareness
market space, it became clear to Silensec that it would be very difficult to develop a
financially sustainable business proposition in the security awareness domain, which was
being more and more dominated by a number of key players. However, Silensec felt that it
would be more appropriate to focus on the development of the Cyber Range platform to
offer organizations hands-on training and combined security awareness and practical
training. While the development of security awareness content and assessment continues
on SOLE and SOLE was used to deliver business services to LPAs through the COMPACT
platform, more emphasis was put on the development of Cyber Range and on the
development of LPA-specific scenarios which would be both gamified and replayable and
allow LPAs to better assess their level of compliance with GDPR requirements. The
development work done and required for the delivery of COMPACT services via Cyber Range
resulted in considerable improvements and new development of Cyber Range which have
resulted in the following financial achievements in the last quarter of COMPACT lifetime.

- Sale of the first Cyber Range appliance to a university in the US with a 5 year support
engagement;
- Sale of a subscription to cyber range cloud platform to a major government entity in
the Middle East with a three-year engagement;
- Sale of a cyber drill to a major central bank in Asia – This exercise brought together
over 20 people from across senior management and technical teams from the SOC
and Red Team departments for a one-day simulation which included both tabletop
and practical challenges. This exercise was highly based on the experience
developed within COMPACT for the development and delivery of the GDPR Came
Along.. game;
- Sale of a national cyber drill and training for a regulator in Africa, including a
subscription to cyber range for 50 participants.

Beyond the immediate financial benefits, more strategic exploitation results were also
obtained. Cyber Range has established distribution and reseller agreements with major
partners from around the world. In June 2019 Silensec hired 3 new staff members to work on
content development for Cyber Range, who were also involved in the development of the
GDPR game for COMPACT. In November 2019 Silensec hired a Head of Marketing and
Business development to build channel relationships and sales from US, Europe, Middle
East, Asia and Australia. A number of other positions are currently being advertised by
Silensec to support the growth of Cyber Range, including:

- Digital Marketing Manager
- 4 x Software developers

Summary of Deviations from the Exploitation Plan
The exploitation results have been in line with plan and in fact exceeded Silensec’s
expectations.
Table 5 - Cyber Range Exploitation Results

3.3. ENG

Engineering is the largest IT group in Italy. With more than 11,000 professionals in 65 locations in
Europe, South and North America, the Engineering Group serves clients in more than 20
countries, designing, developing and implementing innovative solutions for all major business
areas in which digitalization has or will have the biggest impact. Engineering operates through
sector focused business units which deliver innovative IT solutions to main vertical markets:
Aerospace, Insurance, Automotive, Banks, Consumer Products, Defense and Aerospace,
Energy & Utilities, Training, Central & Local Government, Homeland Security, Life Science,
Manufacturing, Media, International Organization, Retail, Healthcare, Telecommunications,
Transports, Welfare. During the last year, the cybersecurity domain became strategic for
Engineering as it decided to increase its cybersecurity offering by acquiring the company
CyberTech and by leveraging its customer portfolio.
Across all these markets, ENGINEERING positions itself towards its client base as a partner for
the whole digital transformation journey. To fuel this approach, ENGINEERING implements a
highly structured innovation process, in which Research & Development represents a core
pillar, both as an internal development force of more than 420 researchers across 4 R&D labs,
and through partnerships with highly skilled international partners and networks. This
innovation process is strongly linked to the exploitation strategy planned by the company
in each research activity/project where the approach “research-innovation-market uptake”
is built around a synergic collaboration between the Research Dpt and the Business Units
connected to the specific domain covered by the project. This approach makes it possible to exploit
both research and business assets addressing real needs coming from the market.

Engineering, besides being the Project Coordinator, is in charge of WP4 with the
following key objectives:

• Developing and delivering the Awareness & Education Component
• Developing and delivering the Risk Assessment Component
• Developing and delivering the Community tool


Engineering expects to increase its capability of offering innovative solutions to its clients,
especially in the security domain, by utilizing COMPACT results and possibly expanding its
current services portfolio. Additionally, Engineering is interested in the potential re-use and
adaptation of some innovative solutions developed in COMPACT. Engineering, as coordinator
of the project has created a project management and structure already conceived to promote
the exploitation of results. Engineering is strongly interested in committing to joint initiatives
with other project partners, to further exploit the COMPACT results in the future.
The following tables outline Engineering’s exploitation plans with regards to its products and
services.

Exploitation Type: Research
Product/Service: OPENNESS.EDU
Exploitation Plan
ENG aims to exploit the results of the work done on OPENNESS.EDU financially and
through the research.
OPENNESS.edu is a platform specifically designed for educational and teaching systems. It
is an Open Source Learning Management System (LMS) based on Moodle. It provides
innovative collaboration tools to enhance learning assessment practices through digital
technologies.
It is based on a traditional LMS designed to support the learning processes both in
corporate and in education sector providing a set of services for training and skills
development.
Exploitation Results
During the project lifetime, OPENNESS.edu was made multi-language and easy to use for
users with low IT skills. Many of its bugs and missing features were fixed and many courses
have been added to the catalogue. These improvements allowed the platform to become
more usable and ENG was able to set up an advanced demo version used to show these
enhancements to its Business Units and Customers and to discuss future
exploitation goals in different markets with them.
Demonstrations were carried out also to other projects in which ENG is involved (i.e.
CyberSec4Europe – GA 830929) and to 3 acknowledged forums in Italy: ForumPA (Rome),
Major cities of Europe (Venice), After (Bologna).
Summary of Deviations from the Exploitation Plan
No deviations.
Table 6 - OPENNESS.EDU Exploitation Results

Exploitation Type: Research & Financial
Product/Service: RATING (Risk Assessment Tool for INtegrated Governance)
Exploitation Plan
ENG aims to exploit the results of the work done on RATING financially and through the
research.
RATING, initially conceived in the HERMENEUT project (G.A. 740322) and then further
evolved by the Engineering Lab in the context of COMPACT, is a solution to manage the
exposure of organizations, and their employees, to cyber risks.
RATING allows companies to understand the most probable attack strategies, and to then
evaluate how ready the organization is based on the types of attacks. Therefore, the
outcome of this component, i.e. the Risk Profile, will help organizations to prioritize the
actions to be put in place to improve resilience against cyber threats.
Engineering’s exploitation goal is to investigate the potential application of RATING in the
LPA market.
Exploitation Results (Research)
During the project lifetime, RATING became more focused on the LPA needs; some of the
sections were customized to better fit the characteristics of LPA services. Many of its bugs
and missing features have been fixed, and it has been validated in the operational
environment of LPAs, thus evolving it from TRL5 to TRL7. These improvements made
RATING more advanced and stable, and thus closer to market.
RATING will be proposed within other new projects (e.g. Cybersec4Europe) and future
proposals in order to build a complete (from both the functional and the methodological
point of view) cyber risk assessment tool for public and private organizations. In particular,
RATING will be further evolved beyond COMPACT to add automation features and to include
external risk assessment.
Demonstrations were carried out also to other projects in which ENG is involved (i.e.
CyberSec4Europe – GA 830929) and to acknowledged LPA-related forums in Italy: ForumPA
(Rome), Major cities of Europe (Venice), After (Bologna).
Exploitation Results (Financial)
Due to its versatility, RATING can be exploited in different markets where cyber security
plays a crucial role or where the cyber risks need to have a “value” (contracting, service level
agreement, insurance, etc.). This was discussed between ENG Research Dpt, CyberTech (a
newly acquired cybersecurity company) and Municipia, the company, owned by Engineering,
whose core business is with LPAs. The main topic of the discussion has been to plan
market-oriented customization for specific sectors. The mentioned companies are interested in
including RATING as part of their own market offering for their respective sectors.
Furthermore, RATING was also presented to the city halls of Genova and Roma Capitale with
the aim to discuss the potential applicability and improvement based on the Municipality’s
specific context and relative needs.
Summary of Deviations from the Exploitation Plan
During the project course ENG has preferred to involve different entities than the business
units declared in the proposal's individual exploitation plan. The reason is linked to a
new cybersecurity company which joined the Group in the last year, as it was interested in
COMPACT's exploitation scope.
Table 7 - RATING Exploitation Results

Exploitation Type: Research & Financial
Product/Service: TO4SEE (assessmenT tOol for Social Engineering Exposure)
Exploitation Plan
ENG aims to exploit the results of the work done on TO4SEE financially and through the
research.
TO4SEE is a tool initially prototyped in DOGANA (G.A. 653618). As a quiz-based game, it
allows not only the estimation of an employee’s ability to detect SE attacks, like many other tools
available online, but also the measurement of the susceptibility of each employee to specific kinds of
attacks; this feature will allow organizations to tailor the selection of awareness and
training methods to the specific needs and attitudes of each employee, thus maximizing
the investment made in the internal cybersecurity campaigns.
Engineering’s exploitation goal is to investigate the potential application of TO4SEE in the
LPA market.
Exploitation Results (Research)
During the project lifetime, TO4SEE was localised (multi-language, with phishing messages
tailored to make them more appealing to the user under test) and made easy to use for
users with low IT skills. Many of its bugs and missing features were fixed and the integration
with the OPENNESS.edu platform was realised. This made the tool much more usable and ENG
was able to show these enhancements to its Business Units and Customers for further
customizations in specific market sectors.
TO4SEE will be proposed within other new projects (e.g. Cybersec4Europe) and future
proposals in order to improve the gamification features against social engineering attacks.
Demonstrations were carried out also to other projects in which ENG is involved (i.e.
CyberSec4Europe – GA 830929) and to 3 acknowledged LPA-related forums in Italy:
ForumPA (Rome), Major cities of Europe (Venice), After (Bologna).
Exploitation results (Financial)
Being a tool against SE attacks, TO4SEE can be applied in all the sectors where the human
component plays a relevant role. This topic was discussed between ENG Research Dpt,
CyberTech (a newly acquired cybersecurity company) and Municipia, the company, owned by
Engineering, whose core business is with LPAs. The main topic of the discussion has been to
plan market-oriented customization for specific sectors. The aim of these workshops is to
evaluate how to include TO4SEE as part of the ENG corporate market offering.
Furthermore, TO4SEE was also presented to the city hall of Genova and Roma Capitale
with the aim to discuss the potential applicability and improvement based on the
Municipality’s specific context and relative needs.
Summary of Deviations from the Exploitation Plan
No deviations
Table 8 - TO4SEE Exploitation Results

Exploitation Type: Research
Product/Service: CyberConnector
Exploitation Plan
ENG aims to exploit the results of the work done on CyberConnector financially and
through the research.
CyberConnector is the online space open to private organisations, public administrations,
CERTs, law-enforcement agencies and individuals to create and enhance collective
knowledge to improve cyber-security. CyberConnector hosts communities focusing on
detecting and mitigating botnets, assessing cyber-risks, identifying needs in fighting cyber-
terrorism and on-going collaborative European projects. CyberConnector is open for new
communities to join its environment - with the added value of immediately giving your
community access to a wider network of individuals and organisations working together to
speed up the identification, detection and mitigation of cyber-threats.
Exploitation Results
During the project lifetime, the CyberConnector was extended with the “Information Hub”.
This space facilitates the sharing of guidelines and best practices, and educates LPAs on the
main risks and threats related to cyber-attacks.
In a sentence, the Information Hub is the COMPACT component dedicated to sharing
information and knowledge with other LPAs. The tool was localised and made easy to use
for users with low IT skills. This made the tool much more usable, and ENG was able to show
these enhancements to its Business Units.
During the project, CyberConnector also increased the number of users connected to the
platform, testing its stability and security. Furthermore, COMPACT allows CyberConnector
to build a strong network made up of professional organizations involved in cyber security
business and discussion. This network will be exploited for future research activities at
European and global level.
Demonstrations were also given to other projects in which ENG is involved (i.e.
CyberSec4Europe – GA 830929) and to 3 acknowledged LPA-related forums in Italy:
ForumPA (Rome), Major cities of Europe (Venice), After (Bologna).
Summary of Deviations from the Exploitation Plan
No deviations
Table 9 - CyberConnector Exploitation Results

3.4. AIT

AIT has a dedicated research area and research group on Human-Computer Interaction for
Privacy, Security & Trust, which will be heavily affected by the activities in COMPACT. As a
consequence, this research group will focus its research efforts on technological and gameful
interventions for organizational information security. AIT expects the following outcomes:

• A scientifically proven framework for the design and evaluation of gameful
interventions in the domain of organizational information security. This framework
consists of design dimensions, evaluation dimensions on technology level and
evaluation dimensions on organizational level. This framework provides a concept and
a strategy for how to design and evaluate innovative and successful user interfaces for
information security in organizations. On the level of design dimensions, AIT expects
to provide advanced interaction and interface concepts. On the basis of technology
level evaluation, AIT expects to provide a newly developed and validated questionnaire
for assessing persuasive effects on security attitude and behaviour. This questionnaire
will be applicable for all kinds of end-to-end persuasive security systems.
• Furthermore, AIT will provide a model for assessing user experience, usability and
technology acceptance of end-to-end security technology. AIT will provide guidelines
on how to assess the effect of end-to-end security systems on organizational level
regarding information security policy compliance factors. All parts of the framework
will be offered as a consultancy to organizations, either in part or in full.


Exploitation Type Research


Product/Service: Security Awareness Games (Sectopia, Investigator’s Diary)
Exploitation Plan
AIT will exploit the resulting games by adding them to their existing portfolio of security
awareness methods. The content will be tailored to specific needs of organizations and
used in bundles to enhance other security intervention methods.
Exploitation Results
We have successfully added Sectopia and Investigator’s Diary to our portfolio of cyber
security interventions. Sectopia is available as a browser game hosted on AIT servers and
is actively promoted and demoed to potential clients. Investigator’s Diary is available as a
print and play version (booklet, buttons and sticky notes) and is promoted as a
complementary method with other interventions. This will ensure future financial
exploitation.

In order to set up exploitation measures in research, valuable data was collected in the
project, which will be further extended after the project and subsequently disseminated.

From an operational perspective, only minor success was achieved. Awareness was
increased at the AIT's Center for Technology Experience, but not at an organizational level.
Summary of Deviations from the Exploitation Plan
Research results are delayed and will be published after finalization of the project.

We still have to develop strategies on how AIT (the complete organisation) can benefit
from the awareness games, as the organisation differs in many ways from the target group
(LPAs).
Table 10 - AIT Games Exploitation Results

Exploitation Type Research


Product/Service: Human Factor Profiling
Exploitation Plan
AIT will publish the human factor profiling instrument in a scientific journal and validate it
within several empirical studies with employees from various organisations.
Exploitation Results
Human factor profiling has been validated within empirical studies. Results are currently
under review in the journal Computers & Security.

Summary of Deviations from the Exploitation Plan
No deviation from the plan.
Table 11 - AIT's Human Factor Profiling Exploitation Results


3.5. BIT

Since BIT is the IT service provider for the administration of Bremerhaven and owned by said
administration, there are no competitors. BIT works very much like a department of the
administration, so services requested from BIT by the administration don’t have to be
tendered. BIT will continue to support the administration of Bremerhaven in using the services
implemented during the COMPACT project, as long as those services don’t cause additional
costs above 10,000 € and are still valuable for Bremerhaven.

Exploitation Type Operational


Product/Service: Cyber Security Awareness Methods
Exploitation Plan
BIT will continue to use the solutions offered by the COMPACT project with specific
emphasis on the security awareness services and the best practice information on the
CyberConnector.
Exploitation Results
During the project BIT used various tools from the COMPACT suite to raise and evaluate
awareness about cybersecurity. For evaluation, the HFP questionnaire, the TO4SEE tool
and RATING were successfully tested and evaluated for future usage in the LPA. For
awareness raising, the Investigator’s Diary, SECTOPIA and KIPS were tested. The
functionalities of SECTOPIA were evaluated to be the most useful for awareness raising.

The Information Hub (CyberConnector) was also tested as a tool to find and share
information about best practices and cyber security threats. The need for such a central
depository is clearly there and BIT hopes that the Information Hub will continue to grow
and thus be even more valuable.
Summary of Deviations from the Exploitation Plan
As far as BIT is concerned the exploitation results met the exploitation plan.
Table 12 - BIT Exploitation Results

3.6. INOV

INOV INESC INOVAÇÃO is the leading private non-profit Research and Technology
Organisation in Portugal, in the areas of remote monitoring, ICT and electronics. The INOV
mission is to guide technological development and innovation processes, in close cooperation
with governments, enterprises and universities. INOV has accumulated strong technical
expertise in: communication equipment and services; sensor networks, architectures and
protocols; speech technologies and systems; navigation systems and fleet management;
remote monitoring and surveillance systems; security and defence systems; cyber-security;
control and electronics development; organisational engineering; risk and resilience
management for critical infrastructures (CI).

INOV provides services for computer security incident response, which include forensic
analysis, and has consolidated knowledge and proven installed solutions for security,
monitoring and surveillance.


In the COMPACT project, INOV will adapt BP-IDS to the LPA ecosystem, namely by implementing
protocol adaptors to handle monitoring processes that rely heavily on databases. INOV also
expects to assess the feasibility of using BP-IDS to monitor GDPR compliance processes, which
can extend the current potential market for BP-IDS.

Exploitation Type Financial


Product/Service: BP-IDS
Exploitation Plan
After demonstrating the application of BP-IDS in the LPA environment during COMPACT
project, INOV will engage in direct sales as well as in the construction of partnerships with
other IT providers (potentially with COMPACT partners) presenting BP-IDS as a
complementary product to already existing solutions. This may involve product
presentation in targeted meetings and at industry fairs. Other market segments may be
considered as BP-IDS potentially gets validation in upcoming research projects.

INOV also plans to exploit the project results using the know-how gained through the
action to improve existing INOV solutions and products; exploring new business
opportunities, either related to COMPACT itself or to the technologies developed and
demonstrated by the Consortium.
Exploitation Results
During the project, INOV successfully demonstrated the application of BP-IDS in the LPA
environment. It started engaging with communities of LPAs in Portugal (through some
dissemination and communication events with CMA), benefiting from the general
dissemination efforts of the project and from the access to the LPA communities provided by
COMPACT partners to present BP-IDS and explain how it can be used. This year INOV also
made two targeted presentations of BP-IDS to potential partners in commercializing BP-IDS;
although these did not result directly from the COMPACT ecosystem, the results of the COMPACT
trials were mentioned as a success case.
Summary of Deviations from the Exploitation Plan
No deviation from the plan; this is an ongoing task that will continue after the conclusion of
the COMPACT project.
Table 13 - BP-IDS Financial Exploitation Results

Exploitation Type Research


Product/Service: BP-IDS
Exploitation Plan
As a not-for-profit research and technology transfer institute with strong links to the
Portuguese technical universities, one important result of the participation in COMPACT
will be to increase the expertise in the field of cybersecurity and to transfer this
knowledge to the potential Portuguese end users via its established partnerships with
educational entities, LPAs and local authorities. INOV plans to share this knowledge with
the Portuguese universities associated with INOV. In this field INOV has a PhD candidate
doing his thesis on the application of the BP-IDS solution and two MSc theses on how to further
extend the BP-IDS solution, and will propose new theses on this topic, moving forward on the
results achieved during the COMPACT project. INOV plans to use the results of the trials to
leverage new research that may represent further contributions to the field of Intrusion
Detection Systems and/or Quality Monitoring systems.
Exploitation Results
Two theses (MSc) were concluded with the work on BP-IDS related to the COMPACT project;
two new ones have been initiated as follow-up work, further developing the research on
the usage of IDS technologies and how BP-IDS can help assess the impact of
cyberincidents on Business Processes and Activities.
Summary of Deviations from the Exploitation Plan
No deviation from the plan; this is an ongoing task that will continue after the conclusion of
the COMPACT project.
Table 14 - BP-IDS Research Exploitation Results

3.7. CINI

Exploiting the results of medium and long-term research in the field of Information and
Communication Technology (ICT) is an integral part of CINI's mission. CINI was in fact created
with the specific objective of favouring research as an enabling factor for boosting the ICT
industry and academy in Italy. Since its inception, CINI has been running technology transfer
programs, to facilitate the adoption of novel technologies by the industry, and incubator
programs, to favour the creation of spin-off initiatives involving both academia and industry.
The research team belonging to the CINI consortium involved in the project is the Fault and
Intrusion Tolerant Networked SystemS (FITNESS) Research Group
(http://www.fitnesslab.eu/), which consists of researchers, who are currently at the University
of Naples Parthenope. Considering FITNESS team’s research interests, the opportunity to
exploit the scientific outcomes of COMPACT is desirable in order to take an international
research leadership within the specific field of cyber-security. The realistic scenario underlying
COMPACT and the challenging research directions envisioned in the project represent an
extraordinary occasion to make progress in several fields such as risk management, data
protection, cloud security, and threat intelligence.
The CINI research unit at University of Naples Parthenope has extensive experience in providing
academic and professional courses in the area of information security, critical infrastructure
protection, critical systems development, and computer architectures. For this reason, in
its capacity as academic partner, it will exploit the research activities carried out for education
purposes. Specifically, the CINI research team will use the knowledge and outcomes of the project
for enriching the contents of Master degree and PhD courses within the Department of
Engineering.
Furthermore, the FITNESS Group also provides highly professional consultancy services,
knowledge transfer, and cutting-edge technology development to public bodies and
administrations. Consequently, it can take advantage of the cooperation with COMPACT
partners for organizing long-term joint undertakings beyond the project such as joint national
and international research projects, as well as cooperation initiatives between academia and
public sectors.

Exploitation Type Operational


Product/Service: SOC
Exploitation Plan
CINI aims to exploit the results of the work done on the SOC by providing a free solution that
can be used by LPAs to improve their cyber security monitoring capabilities.
Exploitation Results
The COMPACT SOC has been implemented by using open source solutions and it will be
released in the next few years as open source software.
Additionally, the FITNESS Group has started the procedure to create a spin-off
using the COMPACT SOC as its main product. The spin-off will offer two solutions: the Open
Source one, which will be made available as a free-of-charge product, and a commercial one
that will include additional features. Both solutions will be enriched by a paid support
service.
Considering that the FITNESS group is an academic team, the procedure needed to create
the spin-off inside the university is a very long process that will be completed in the next
year. In the meantime, to shorten the time to market, the FITNESS group is evaluating
the possibility of creating an Innovative Startup that will afterwards be converted into a
spin-off.
A collaboration activity has been set up between CINI and GNSIL in order to extend the
Cyber Range platform to the SCADA cyber security domain, including the development of
a SCADA-specific scenario in Cyber Range.
Summary of Deviations from the Exploitation Plan
The results are in line with the plan
Table 15 - CINI SOC Exploitation Results

Exploitation Type Research


Product/Service: SOC
Exploitation Plan
Considering the academic nature of CINI, it will exploit the results of the project via
publications and participation in scientific conferences.
Exploitation Results
A PhD within the Department of Engineering has been carried out during the project
lifetime on the COMPACT project research topic and in particular on real-time security
monitoring.
Two PhD lectures, one in the TAROT summer school and one in the NeCS Cyber Security
Winter School, have been given, presenting the COMPACT approach/technologies with
particular focus on cyber security monitoring.
Five COMPACT-related scientific conference papers plus one journal article have been
produced.
Summary of Deviations from the Exploitation Plan
The results are in line with the plan
Table 16 - CINI SOC Exploitation Results


3.8. KSP-IT

Kaspersky Lab Italia SRL has brought into the project expertise in cyber-security awareness
training with an approach based on gamification. Kaspersky is in charge of the Gamified
Educational Trainings task and its key objectives are:

• Developing and delivering a new scenario tailored for LPAs in the Kaspersky
Interactive Protection Simulation (KIPS) product.
• Developing and delivering a new map to deal with common cyber-threats in an
emulated LPA work environment in the Kaspersky CyberSafety Management Games
(CSMG).

With these two new scenarios, Kaspersky expects to expand the customer base of its gamified
training specifically among the LPAs and in general among the organizations which care about
protecting their reputation against cyber-security threats. Kaspersky is interested in
committing to joint initiatives with other project partners, to further exploit the COMPACT
results in the future.
The following tables outline Kaspersky’s exploitation plans with regards to its products and
services.

Exploitation Type Financial


Product/Service: KIPS and CSMG
Exploitation Plan
KIPS is a gamified educational training that places decision makers and IT security teams
from Local Public Administrations into a simulated work environment facing a series of
unexpected cyber-threats, while trying to maximize the LPA reputation and maintain
confidence. CyberSafety Management Games (CSMG) is a gamified security awareness
training aimed to provide employees with competence, knowledge and attitudes to
maintain a secure working environment in their Local Public Administration. It covers all
major security domains and typical situations in an LPA workplace. Participants put
“casino-style” bets on all the potential cyber-threats zones to win (or lose) the highest
score in the competition.
From the financial perspective KSP aims to exploit the results of the work done on KIPS
and CSMG as defined in the following plan.
To reach the customers, KSP will use the following three channels:
1. KSP direct channels of distribution – the KSP sales employees from the Territory
Offices will be responsible to sell the new KIPS and CSMG versions to the LPAs in
their region; the KSP sales employees will be trained to promote the awareness offer
included in the COMPACT platform. The KIPS and CSMG games will be available for
sale to the LPA on the awareness section of the local Kaspersky web-site.
2. KSP official partners - KSP partners throughout the world ensure a local presence
where customers have access to the latest technologies and expertise of KSP: by
interacting with the KSP local sales office, KSP’s extensive partner network is able to
reach a potentially huge number of LPAs interested in buying the KIPS and CSMG
versions included in the COMPACT platform.


3. KSP COMPACT partners – KSP COMPACT partners will be enabled to sell KIPS and
CSMG. Unlike the KSP official partners, KSP COMPACT partners will have a single
point of contact to access the KIPS and CSMG sales services, the KSP Italian Pre-sales
office.

The two games will be available with three different types of license:

1. Training session license – through this license an LPA can buy a single training
session. The price includes the training equipment and the trainer travel costs and
does not depend on the number of LPA employees attending the training. The
trainer is provided by Kaspersky.
2. Training center license – this license allows a partner (either official or COMPACT) to
re-sell KIPS and CSMG to their LPA customers for 1 year. The price includes a
Train-The-Trainer session for the partner’s trainers and does not depend on the number of
training sessions performed or on the number of LPA employees attending the
training. For COMPACT partners, the plan for KIPS is to perform a Train-The-Trainer
(T-T-T) session for GNSIL and S21SEC trainers, and the plan for CSMG is
to perform a T-T-T session for GNSIL, S21SEC, and ENG trainers; if a KSP trainer is
needed (e.g. when the partner’s certified trainer does not speak the same language
as the employees of the LPA buying the training), the COMPACT partner can contact
the KSP Italian Pre-sales office to hire one or more KSP trainers. COMPACT partners
with certified trainers will have the right to buy their license at a reduced price till
December 2020.
3. Enterprise license – through this license an LPA can buy an unlimited number of KIPS
or CSMG training sessions during a 12-month period (inside the organization only -
no commercial use, no sublicensing). A Train-the-Trainer session for the LPA’s internal
trainers, access to software and training materials will be provided by Kaspersky. For
COMPACT LPAs, the plan for CSMG is to perform a T-T-T session for BOL and DSS
trainers, and to provide them an Enterprise license expiring in December 2020. If a
KSP trainer is needed (e.g. when the partner’s certified trainers are not enough to
train all the employees of the LPA by the end of the time-slot), the COMPACT partner
can contact the KSP Italian Pre-sales office to hire one or more KSP trainers.

From the research point of view KSP will use the lessons learned together with the LPA
Partners during the COMPACT project about cyber-risks, attack vectors, and how to address
them to develop a new awareness platform based on automation and micro-learning.
Exploitation Results
Regarding financial exploitation results, KSP has implemented the distribution channels and
the different types of license for KIPS and CSMG, as defined in the Exploitation Plan.
For KIPS, the most important financial result has been achieved through the KSP direct
channels of distribution, by the sales employees of the DACH (Deutschland, Austria, and
Swiss Confederation) area, who were able to sell a training session license of the KIPS LPA
scenario to the International Committee of the Red Cross (ICRC).
For CSMG, an important result has been achieved through the KSP direct channels of
distribution, by a sales employee of the Italian Territory Office, who has captured the
interest of Confagricoltura (The General Confederation of Italian Agriculture, which
represents and protects Italian agricultural enterprises), but their interest has not yet been
turned into sales.

About the research exploitation results, KSP has introduced in K-ASAP, a new awareness
platform based on automation and micro-learning, the lessons learned together with the
COMPACT LPA partners about cyber-risks, attack vectors, and how to address them.
Summary of Deviations from the Exploitation Plan
The two main deviations from the Exploitation Plan are:
1. Only the KSP direct channels of distribution have been able to reach significant
results: an event for KSP official partners to better communicate the innovations
included in KIPS and CSMG has been delivered in September 2019; an increase in
sales from this channel is expected by Q1-2020.
2. The KIPS and CSMG certified trainer from S21SEC resigned and no new trainers from
S21SEC have been certified to replace him: in case of sales from S21SEC, this will be
managed with a request for KSP trainers in any case.

Table 17 - Kaspersky Exploitation Results

4. COMPACT Business Model Evolution and Post Project Exploitation

4.1. SWOT Analysis

As changes in the market landscape and competition occurred, the COMPACT business model
was also reviewed to keep it in line with the changes being observed. Specifically, the initial
SWOT analysis was reviewed and changes were identified. The following table illustrates the
updated COMPACT SWOT Analysis, annotated to show how the changes that have been
observed in the target market and from the competition have affected the COMPACT business
model. The table also identifies the key areas which experienced variation over the lifetime of
the project. The specific variations are described in detail below.


STRENGTHS
• Value for money security services
• Sectors-specific focus
• LPA-centric Holistic approach to security
• Innovative approach to security awareness
• Security by design GDPR compliant solution

WEAKNESSES
• Challenging business model
• LPAs have a bureaucratic and lengthy procurement process
• Challenging integration of security controls and processes
• A substantial brand awareness effort is required
• COMPACT services are not market leaders

OPPORTUNITIES
• Currently LPA domain is not a business focus of major vendors
• Gamified security awareness is not yet mature
• Most vendors provide little or no holistic approach to security.
• GDPR compliance driving up security spending from LPAs.

THREATS
• Some major vendors may decide to also focus on the LPA market
• Some security domains are becoming highly commoditized
• Business model may fail due to the large number of COMPACT partners

Table 18 - COMPACT Updated SWOT Analysis

4.1.1. Strength

4.1.1.1. Value for money security services

As many professionals agree, the Pareto principle also applies to the security
industry, whereby 80% of security risks are dealt with by applying 20% of the effort and
associated costs. In other words, the further an organisation wishes to reduce its risks, the more
it has to invest. For the majority of organizations, the security posture can be greatly improved
by addressing the low-hanging fruit that makes those organizations an easier target than many
and hence more prone to suffer a security breach. Through its integrated and holistic
approach, COMPACT allows organizations to address the biggest risks while keeping down the costs
required by highly specialized solutions.

Over the lifetime of COMPACT the value for money has somewhat diminished, especially in
relation to the provision of security awareness, where the market has taken a big turn
towards massively scalable services and offerings from international players.

4.1.1.2. Innovative approach to security awareness

When COMPACT started, security gamification was on the rise and more and more providers
were looking at security gamification as, literally, a game changer to manage the risk
associated with the human. Fast forward three years to the end of the project, and it
is clear that security awareness gamification is not yet mature, nor is it being actively pursued by
vendors; it is primarily being used by large corporates as a way of getting into the client to then
upsell their products and services. This approach has resulted in great exploitation results for
one of the COMPACT partners (Kaspersky Labs), for which such an approach works, while it is not
likely to produce tangible results for other COMPACT gamified security awareness
propositions. Once more, the gamified approach shifted and became better suited to
security training vendors. Here too COMPACT has one product and partner, Cyber Range by
Silensec. However, pure-play security awareness gamification did not reach scalable
results.

4.1.1.3. Security by design GDPR compliant solution

The COMPACT Platform toolchain is fully compliant by design with GDPR norms and
prescriptions. While this could have been a key differentiator at the beginning of the project,
other players and vendors in the market have caught up by now and invested far more
resources into promoting GDPR-compliant products and services than were available to COMPACT.
As such, a security-by-design GDPR-compliant solution is no longer such a great differentiator for
COMPACT.

4.1.2. Weaknesses

4.1.2.1. Challenging integration of security controls and processes

The fundamental assumption of COMPACT business model is that LPAs lack the skills and
often the budget to address security risks the right way and therefore a holistic, value-added
solution would go a long way to meet an existing business need. Unfortunately, while
COMPACT comes along with a solution, it is fair to assume that many LPAs do have some
level of security and a number of security controls have already been implemented and
some investments already made. An LPA may already have invested in a security awareness
solution or a web application firewall or even have contracted a third party to provide
managed security services. In such cases, and this is likely to be the most common scenario,
COMPACT services and products have to be integrated with pre-existing security controls
or services.
Furthermore, COMPACT’s own experience of integrating different components, while
finally successful, only served to stress the complexity and challenges of integrating
different solutions with one another.

4.1.2.2. It requires a substantial brand awareness effort

As demonstrated by the COMPACT awareness campaigns and outreach effort done by the
consortium, it remains challenging to create a brand and to position it in a market which is
already highly competitive and financed to the tune of millions of dollars. Professional
figures such as digital marketing managers, for instance, are key and would need to be
effectively integrated into the COMPACT team in order for COMPACT to be successful. While
project awareness and engagement KPIs were reached, they are indicative of the effort
required in order to be able to reach commercially significant results after the project has
been completed.

4.1.2.3. The majority of individual COMPACT services are not market leaders and have strong direct competition

As was shown in the competitor analysis done in deliverable D7.1, the majority of the
solutions developed by COMPACT would not be considered market leaders at the beginning
of the project. However, over the course of the project two project partners experienced
considerable growth in their service offering and market leadership in their own respective
fields and business sectors, namely Kaspersky Labs and Silensec. The former further
developed its line of security awareness games and is increasing market share. The latter,
while still remaining an SME and without any type of market leadership, managed to
successfully position its cyber range platform in front of key competing vendors on a number
of business opportunities, thus demonstrating its visibility in the market.

4.1.3. Opportunities

4.1.3.1. Gamified security awareness is still not a mature technology

While the security awareness market has already identified some leading vendors, the approach
used is still driven by the enterprises rather than by the end-users. Gamification changes
that, by leveraging the inner motivation of people to play, and hence to learn by playing. Since
the gamification approach is yet to become mainstream and to prove its value, it may be an
opportunity for COMPACT to make a dent in the security awareness market.
For COMPACT's gamified security awareness approach to succeed, it now has to compete with
major vendors who offer very low-cost solutions, which are scalable and include a lot of
content. This is less likely to happen, especially because it would require large investment in
terms of branding and it would face the replayability issue, since the games developed by
COMPACT cannot be played multiple times by people who have been able to learn the
maximum that the product can offer, and therefore have limited usage.

4.1.4. Threats

4.1.4.1. Some security domains are becoming highly commoditized and major security brands can offer premium services at very reduced costs, based on economies of scale

As outlined earlier in this document, large vendors are now beginning to offer more and
more security services and managed security services through the provision of highly
commoditized products and actual services. This will make it very challenging for COMPACT
to compete since LPAs will increasingly have to decide between procuring services and
products from known vendors or relying on the yet cost effective tools provided by. The main
difference will be provided by the local consultant or system integrator in charge of
delivering the service.

4.2. Post-Project Exploitation

Developing a successful business model is always challenging. While COMPACT is made of
experienced partners, successful in their own right, COMPACT itself is, for all intents and
purposes, a start-up. A business model was developed and agreed by all partners, which would
allow COMPACT to develop further into a sustainable commercial proposition after its
completion. However, changes have been observed in the market, the technologies and
the competitors in the COMPACT space, and these challenge COMPACT’s existing business model,
which would need a champion stakeholder to manage and bring the platform forward.

The following table summarizes how the post-project management of the COMPACT platform
was affected during the lifetime of the project. Two options were identified.

Platform Management Option: Led with partner’s funding – In this option the COMPACT platform
is managed by one of the COMPACT partners, which takes responsibility of providing the
majority of the required resources with other project partners providing the remaining
resources. This model is based on the assumption that each partner would be able to partially
allocate some of their resources for the management of COMPACT. For instance, a COMPACT
partner with an existing large infrastructure could easily use the same infrastructure to run
the COMPACT platform without extra investments. Similarly, another partner would be able to
allocate the services of graphic designers, social media managers or security consultants
already on the payroll. The revenue generated would then be distributed based on the
committed effort.
Changes and Evolution: None of the partners was identified to pursue this option. The
underlying reason was identified in the large effort that a partner would need to deliver in
order to promote and sell COMPACT. The effort in brand creation would not be justified,
primarily because of other existing solutions in the market and integration effort.

Platform Management Option: Led with VC Funding – In this model, one specific partner takes
the lead to manage the COMPACT platform and all its processes, once more piggy backing on
existing resources while investing more resources to ensure the successful operations. After
an initial period of operation, the partner would then require or preferably seek private
investments to scale operations globally. For this model to work, the partner would seek to
agree IPR usage agreements with the other COMPACT’s partners.
Changes and Evolution: As per the previous option, it would not be conceivable to convince an
investor, which would be seeking to see a partner taking a leading role in bringing the
COMPACT platform forward.

The strategy to achieve joint sustainability, based on the original one described in
deliverable D7.1 is outlined below:

1) The COMPACT Platform will be hosted for a period of two years, during which it will
continue to offer free subscription to new LPAs. The incentive to subscribe to the
platform should allow COMPACT to reach a critical mass of subscribers to ignite the
identified business model and self-sustaining revenue;
2) All services from the COMPACT platform, which do not require active human resources
beyond the actual management of the platform, will be freely accessible. For any other
service, each COMPACT partner has defined a subset of services to be provided free of
charge for proof of concept on a voluntary basis;
3) All COMPACT partner services will be made available to COMPACT partners for
individual exploitation on the basis of IPR management rules defined in D7.1.

5. Conclusions
COMPACT operates in the very dynamic and competitive market of information and cyber
security. The ability to deliver effective results to its end users while at the same time
developing a competitive solution in the marketplace is already a considerable achievement.
Furthermore, as outlined in this deliverable, tangible exploitation results have been achieved
in the lifetime of the project, long before its conclusion, with worldwide impact for one of the
SMEs in the project and for other partners too. The post-project exploitation will be
based primarily on the usability of each COMPACT partner’s IPR by the other partners and of
the overall COMPACT knowhow and relations developed during the lifetime of the project.
Ultimately, and most importantly, the COMPACT platform and information sharing platform will
serve as a valuable resource for LPAs in achieving their security posture and
compliance with security requirements from the business, laws and regulations.
