Six important insights from CONCORDIA: Europe’s largest cybersecurity consortium

In March 2023, a chapter was closed on Europe’s largest cybersecurity consortium, CONCORDIA, funded by the EU Horizon 2020 research and innovation program, with the mission to establish an EU-integrated cybersecurity ecosystem for digital sovereignty in Europe.  

The consortium was launched in 2019 and had the goal to champion security collaboration across the EU and drive forward essential research and innovations needed to create a common cybersecurity EU ecosystem.

As well as comprising an eventual 56 partners from 30 academic institutions, 24 industrial partners and two public organizations, its geographical diversity was also broad: with 17 EU member states, the UK and three states associated with the EU Horizon 2020 program all represented. Ericsson participation, together with RISE, was funded by Vinnova, Sweden’s Innovation Agency.

Strengthening European digital sovereignty

Under the Swedish Presidency of the Council of EU, Ericsson recently hosted the grand final event of the CONCORDIA project, which featured panel discussions on European cybersecurity and a review of the consortium’s achievements.  

The event included representatives from the European Commission (EC), European Cybersecurity Organization (ECSO), European Cybersecurity Community (ECCO), EU Agency for Cybersecurity (ENISA), EU Directorate-General for Communications Networks, Content and Technology (DG CNECT), National Coordinator Centres (NCCs), and Ericsson Corporate offices.

Keynote speakers and panels emphasized the need to continue strengthening Europe’s cybersecurity due to the continuously evolving threat landscape where powerful adversaries have increased motivations to intensify attacks, finding new attacks vectors in technologies and human-based processes.

European digital sovereignty also needs to be fortified to reduce the unavoidable dependencies on global supply chains where Europe needs to maintain a strong position to influence the geopolitics affecting the European markets.

Above: Panel discussion “Towards a Resilient Europe” with representatives from RISE, DG CNECT, EC, CONCORDIA, Ericsson, and ENISA

Building a Resilient Europe in the light of the multiple crises is of strategic importance.  Bringing various stakeholders together to innovate in an ecosystem and to embed the concept of resilience in all relevant activities in a holistic, strategic, and cross-disciplinary approach is essential. Reducing dependencies, avoiding fragmentation and silo thinking and acting in a more strategic and proactive way to enhance impact is a necessity. There are several EU initiatives in this respect.

One such important EU initiative was the establishment of the European Cybersecurity Competence Centre (ECCC) in Bucharest. The efforts of the ECCC, working together with the NCCs of member states, focus on building a strong community, supporting research, innovation and industrial policy, increasing cybersecurity capacities to shield the European economy and society from cyberattacks, and reinforcing the competitiveness of EU industry through joint investment in strategic cybersecurity projects.

ECSO has also launched the ECCO project, with the aim to support, coordinate, and stimulate the European cybersecurity competence community in interaction with the ECCC and the NCC network.

Highlighted on the operational plane was the importance of sharing cyberthreat intelligence (CTI) in real-time across all member states, following the principle “from individual to collective resilience”, thus preventing being attacked on the weakest link. The new SOC/CTI (Security Operations Centre/Cyber Threat Intelligence) initiative launched by ECSO, pursues this goal.

All these initiatives contribute to forming an eco-system that will work towards a cybersecure Europe.

Six important insights from Europe’s largest cybersecurity consortium

Over four years, CONCORDIA conducted a holistic research and innovation that was organized into five pillars: device-, network-, system-/software-, application-/data-, and user cybersecurity. In parallel to the technology tracks, the project also worked on related topics such as legal aspects, economics, education, community building among others.

Here are six key takeaways from the project:

1. Cybersecurity roadmap for Europe

The CONCORDIA cybersecurity roadmap was one of the project’s key achievements that approached cybersecurity from different perspectives, beyond the technological one. The project identified several challenges and recommendations that were grouped into six holistic dimensions, prioritizing them into short-, medium-, and long-term deliverables.

The interactive roadmap has been available on-line, inviting the security community to influence it by providing feedback on what actions Europe should take to build and sustain resiliency and digital sovereignty, by ranking challenges and recommendations or creating own ones within the identified dimensions.

Above: Six holistic dimensions in CONCORDIA’s cybersecurity roadmap - challenges and recommendations. Research and Innovation as one dimension. Photo courtesy: CONCORDIA

2. Academic contributions

CONCORDIA delivered more than 300 research papers, published in peer-reviewed scientific conferences and journals, which exceeded initial expectations. During the last year alone, more than 30 percent of the publications appeared in top-ranked conferences and journals such as USENIX Security Symposium, World Wide Web Conference, Internet Measurement Conference, IEEE Internet of Things Journal, IEEE Transactions on Dependable & Secure Computing, IEEE Transactions on Industrial Informatics, and ACM Computing Surveys. This is evidence of the high quality research produced by the consortium, as well as its impact on Europe’s security community.

3. Industrial pilots as a pathway to future European value chains

The five industrial pilots in CONCORDIA represent a great showcase of the tight cooperation between the research institutions and industrial partners. Each pilot addressed several use cases such as handling privacy and anonymity with machine learning for the telco sector or using federated machine learning for the exchange of security information in the finance sector. The approaches for telco and finance sectors differ due to the specifics of the sectors. The security aspects of the e-charging infrastructure have been addressed, as well as privacy and protection of medical data in the e-health pilot. As just one example, the security of vehicular communication systems focused on the secure authentication and trusted interaction.

Above: Five industrial pilots in CONCORDIA. Photo courtesy: CONCORDIA

4. Threat intelligence for the telco sector

Ericsson was actively involved in the Telco group together with mobile operators Telenor, Telefónica, and Telecom Italia. The focus of the team was to research and prototype a Telco Threat Intelligence platform for detecting, sharing, and exchanging threat intelligence in 5G networks. Due to the Covid-19 outbreak, the experimental research slowed down. However, since “every cloud has a silver lining”, the telco team took the opportunity to advance theoretical research into an emerging issue: threat modeling for telcos. The selection of this topic proved to be right since, during this research, two related industry initiatives were announced: GSMA MOTIF (Mobile Threat Intelligence Framework) and MITRE FiGHT (5G Hierarchy of Threats). The experience and results from research in CONCORDIA proved to be very valuable when working in these initiatives, where Ericsson is actively contributing.

5. The economic dimension of cybersecurity

Cybersecurity practitioners are aware that cyberthreats are often driven by an economic incentive, but this dimension is rarely analyzed from an economic perspective. Unfortunately, as part of the cybersecurity strategy, several organizations lack the competence to quantify risk beyond the low/medium/high scale, focusing on the technical aspects to prevent, detect, or mitigate attacks. As a result, the budget allocation for cybersecurity may be under- or overestimated or become quickly outdated as the threat landscape evolves.

CONCORDIA has developed a framework for defining cybersecurity strategies. In addition to the conventional planning with business-, risk-, requirements, and execution assessments, it adds the cost management phase that helps organizations to estimate costs using suitable economic models, estimate investments, their Return of Security Investments, and consider cyber-insurance and corresponding costs. An open-source tool is available for SMEs.

Above: Methodology for planning and investing in cybersecurity. Photo courtesy: CONCORDIA

6. Building cybersecurity skills

Cybersecurity competence has also been identified as another critical dimension in the proposed European roadmap, not only at the professional level, but also at staff management level who leads organizations, influence strategies, define policies and make decisions. There is an educational gap that needs to be filled. But defining the right level of required competence, suitable for the different roles in an organization is not an easy task. Moreover, finding the appropriate education in a plethora of courses, training, programs, and platforms is even more challenging.

Above: Mapping European educational facilities with a cybersecurity focus is one step to narrowing the continent’s cybersecurity skills gap.

CONCORDIA conducted an extensive investigation among the various educational facilities in Europe and built an open map of them, dividing them into different categories. Users can navigate this map and find suitable education, filtering with criteria such as technology or application domain. In parallel to this work, ENISA (the EU Agency for Cybersecurity) also proposed the European Cybersecurity Skills Framework (ECSF), a complementary platform focusing on 30 cybersecurity role profiles and the corresponding appropriate skills and competences required among 40 identified ones.

What’s next? Life after CONCORDIA

CONCORDIA is completed now and has delivered results that have impacted the EU cybersecurity community in several dimensions. The project was also a pre-incubator and planted the seeds for new ideas that triggered several initiatives and spin-offs across academia, industry, and government.

As new EU cybersecurity calls are announced, CONCORDIA partners will continue fundamental and applied research and innovation guided by the roadmap, addressing novel challenges in areas such as software security, security of AI, agile certification, post-quantum cryptography, privacy, secure computing, economics of security and building skills. Regardless research topic, collaboration among all member states is of strategic importance to ensure a resilient and sovereign Europe.

Above: CONCORDIA representatives at the consortium’s closing event in Stockholm, Sweden.

Learn more

Visit the CONCORDIA website to find out more about the project and read related publications and articles.

To read about EU cybersecurity organizations and initiatives visit:

• ECSO – European Cybersecurity Organization
• ECCO – European Cybersecurity Community
• ENISA – EU Agency for Cybersecurity
• DG CNECT – Directorate-General for Communications Networks, Content & Technology
• ECCC – European Cybersecurity Competence Centre