An effective cybersecurity solution from strong collaboration with LPAs
The latest events related to the unauthorized treatment of millions of Facebook users’ personal data by the voter-profiling company Cambridge Analytica and the forthcoming General Data Protection Regulation (GDPR) have again pointed out the absolute relevance of personal data security and, at the same time, raised concerns about the level of public awareness about this issue.
During the last year, cyber attacks have been increasing in terms of quantity and quality and, according to several security reports, the public sector has been the most impacted, along with the healthcare sector. In particular, Local Public Administrations (LPAs) are rapidly becoming an attractive target for cybercriminals, who might access some sets of personal data or gain control over smartly operated city resources through LPAs infrastructures, like in the recent attack to the Atlanta city. The consequences of cyber-threats have the potential to be considerable causing business interruptions, data losses, and thefts of intellectual property, significantly impacting both individuals and organisations.
In this challenging panorama, the H2020 project COMPACT (COmpetitive Methods to protect local Public Administration from Cybersecurity Threats) is operating to improve the level of protection of LPAs by providing a service-based platform, able to empower them to become the main actors of their cyber-resilience improvement process. Improving LPA preparation to face cyber threats is a key factor to reduce the probability of being compromised by a cyber-attack and the related impact. This reflects on the reduction of the connected remediation costs that may be very relevant.
To achieve this goal COMPACT has been developing a comprehensive set of tools and services, specifically tailored to the cybersecurity needs of LPAs organizations, which include services for risk assessment, game-based education, monitoring and knowledge sharing. All these services will enable them to address the human factor in cybersecurity in its multiple dimensions.
Started in May 2017, COMPACT is close to reaching its first year of activity. During this period, the analysis of the use cases has been accomplished, leading to the identification of the project’s requirements, and a first version of the architecture has been already defined. Now the Consortium is focusing on the evolution of the components strictly working together with LPAs to provide effective solution characterized by a high degree of “acceptance” in the PA very specific working environment.
 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance)