Background & Motivation

As small and medium-sized enterprises (SMEs) pursue digital transformation, their demand for security, privacy, and awareness of cyber threats increases dramatically. SMEs, unlike larger corporations, often lack the resources for implementing robust long-term cybersecurity measures, making them appealing targets for cybercriminals seeking lower-risk options. In addition, with the constant adoption of new technologies and resources, SMEs create numerous entry points for potential cyber-attacks. Each new addition to their systems becomes a potential target for cyber threats, expanding the scope for security breaches. Furthermore, contemporary architectures, often reliant on distributed services, exposed API endpoints, microservices, and containers, present a significantly larger attack surface. Protecting these intricate systems becomes a daunting task as the attack vectors multiply and become harder to safeguard. Finally, SMEs often lack access to frameworks that help them classify risks effectively and ensure compliance with existing regulations. This deficiency can leave them exposed to unforeseen vulnerabilities due to inadequate risk assessment.


Despite the continuously shifting cyber threat landscape, many SMEs lack a systematic approach to ensuring cybersecurity and when faced with cyber-attacks, struggle to recover and ultimately cease operations within six months, while very few have cyber insurance. The impact of these incidents on SMEs is substantial, leading to financial losses, reputational damage, client losses, recruitment challenges, and difficulties in securing new business.

CyberSuite’s vision is to tackle prevailing challenges in cybersecurity services by simplifying the intricacies involved. This involves streamlining the design, configuration, deployment, and management of these services, specifically catering to SMEs lacking dedicated cybersecurity resources. The overarching goal is to bridge market gaps by establishing an easily accessible marketplace for cybersecurity services tailored to SMEs, fostering simplicity and accessibility in high-level security, privacy, and trust. Another key aspect of the vision is to ensure seamless integration and interoperability among diverse cybersecurity tools and services within a unified platform, creating an ecosystem where these solutions collaborate effectively. Support measures for both supply and demand are included, encompassing a maturity and integration phase for solutions and a large-scale demonstration involving four end-users from different sectors. This approach, utilizing a hybrid online and in-person strategy, aims to engage commercial partners and customers. Lastly, the project intends to leverage past EU-funded research outcomes to enhance both the marketplace and the solutions, drawing on previous knowledge and innovations.

Maturity of services/tools

The project is set up with services and tools that have already reached TRL7-8 and by end of the project will be ready for the market or nearly so (TRL9). The services/tools and commercially available products leveraged by CyberSuite are presented in the following table:

Implementation plan and efficient use of resources

In order to make the flow of project activities more effective, efficient and agile, 6 interconnected macro areas of intervention were identified:

i) Analysis (cyber treat landscape analysis, services/tools maturity, unique characteristics identification)

ii) Implementation of (gap closing, integration)

iii) Use cases requirements and demonstration

iv) Awareness and Knowledge raising v) Building CyberSuite Ecosystem vi) Promote and Go to market.


In the table below, the CyberSuite DevSecOps paradigm that will be followed is presented. Upon the finalization of the first iteration, the proposed solution will be demonstrated in 4 real world use case scenarios and will be further evaluated and tested during the first CyberSuite hackathon organized. The second iteration will be focus mainly on enhancing the overall Cybersuite solution effectiveness based on any bugs or inconsistencies identified during the evaluation, after the 1st phase of the solutions uptake, and the comments/feedback received by the engaged the end-users. This will lead to the final integrated CyberSuite version, which will be further evaluated and tested (second hackathon) and demonstrated not only by the 4 use cases but also by the cross-sector SMEs/MEs registered within the cluster. To that end, the OpenAPIs of the solutions will be available throughout the project website and the open repositories Zenodo and GitHub, while the full versions and tailored services could be provided via an affordable subscription to the SMEs/MEs interested, based on the business model developed in the project.


It has to be noted that the CyberSuite solution reference architecture will be based on the existing work performed in the context of the PUZZLE project. In the figure below CyberSuite’s reference architecture is depicted. It is composed of six distinct “swimlanes”. These swimlanes include:


The Logically Centralized CyberSuite Orchestrator swimlane which incorporates all components that are considered “central” i.e., agnostic to the running services


The Orchestration Worker swimlane which incorporates the “local control plane” components of CyberSuite i.e., the components that materialize the business logic that is “close” to the running service


The Edge Analytics swimlane which incorporates all components that undertake “offline analytics” tasks i.e., tasks that are not considered near real-time


The Risk Assessment swimlane which incorporates the components and flows related to the real-time calculation of risk


The Blockchain-based Threat Intelligence swimlane which incorporates all components that materialize a secure and trustworthy data sharing environment regarding threat intelligence information


The CyberSuite Marketplace swimlane which encapsulates a central reference point where “templated” security services are packaged and advertised

Scroll to Top