INTERREG project CySeReS-SME: Cyber Security and Resilience in Supply Chains with a focus on SMEs
The aim of the CySeReS SME research project is to support small and medium-sized enterprises in IT security, cyber security and resilience with a focus on the supply chain. The needs of the participating SMEs will be surveyed and analysed, on the basis of which a best practice guide and a maturity model will be developed. In the future, this will also be able to support SMEs outside the project.
The increasing digitalisation and networking of companies and SC partners has not only generated advantages in recent years. Numerous cases have shown that it is not sufficient for companies to focus only on their own cyber security. Increasingly, cases of cyber attacks are becoming known in which the cross-regional, digital connections between companies in supply chains (SC) are exploited to damage industries, regions or nations. The attractiveness of vulnerabilities in SCs as targets can be explained by the fact that SCs contribute significantly to a functioning global economy.
At the same time, these SCs are dependent on functioning systems, which are increasingly being made more secure in large companies with the help of time-consuming and cost-intensive cyber security and resilience measures. Small and medium-sized enterprises (SMEs), on the other hand, often represent vulnerabilities in SCs because they do not have the necessary resources to protect themselves sufficiently. Despite this higher vulnerability, large enterprises have so far been the focus of this interdisciplinary field of research. In the future, the EU will push for an extension of the Network and Information Security Directive (NIS2) to include SMEs. Preparations are elementary in order to be able to meet this tightening as an organisation.
CySeReS-SME is addressing this practice-relevant research gap in a 3-year research project. The supra-regional project consortium supports small and medium-sized enterprises from industry in IT security, cyber security and resilience with a focus on the supply chain.
Based on the needs of various SMEs and findings from previous research projects with a focus on the correlation between SC, cyber security and resilience, a survey and analysis of the current situation and the development of suitable measures will be carried out in order to be prepared against supply chain cyber attacks in the future and to comply with various new regulations such as the NIS2.
Based on this project, a best practice guide and a maturity model in the form of a self-assessment tool will be published. This is intended to ensure the framework conditions in which SMEs can build up entrepreneurial competences for innovation, specialisation, agility and resilience safely in today's digitalised world.
University of Passau
Deggendorf Institute of Technology
University of Innsbruck
Symbolic picture: Adobe Stock