# CYBERTRUST PAD FOR MEETING NOTES started by fredd CONFIDENTIAL Distribution: Participants entities only Meeting 19 12/2022 present: Rohit (Ansuin), Rafael (OrinS), Fredd(Trasformatorio), Dimos Ioannidis (Certh), Rafi Yalh om, Marco Caselli (Siemens), Gert Mikkelsen, Kai Hermsen (some more...) DIGITAL-JU-SME DIGITAL JU SME Support Actions Programme - Digital Europe Programme (DIGITAL) Work programme part Digital Europe Work Programme 2021-2022 Cybersecurity and Trust (DIGITAL-ECCC-2022-CYBER-03) Deadline date ## Agenda (Rob) I suggest we do a round of introduction. Questions about the call. Any questions about what to do this week? If we all can do that we have a clear picture of our capabilities and can identify gaps and maybe ask new partners. Wishing everyone a good holiday, next meeting January 2 17:00. ## Discussion Kai: Munich Board of Twins (Belgian foundation, Disposable Identity, technology and ecosystem), SSI, bring if further in Cybersecure environemnt Marco: Central Tept named Technology, by Siemens, Cyber Sec and trust, as central dpt interested for operation. Resp. of coordination Rohit: CTO at Ansuin, working with IoT tech and IoT Devices Rafael: Research director Odins solution, spain, resarch in IoT and Cybersec and Analytics, AI, smart cities etc. Participated in 12 ICT H2020 projects, Tech developer and Pilot Provider. Open SOurce software for Cybersecurity. Open Source protocols from ITF body standards, collaborates with Ansuin already. Open HW and SW, Cybersecurity auditing and certification Rafi: Based in Boston, researcher at MIT, team member Ansuin, cybersec risk management. Innovative approach to manage risk in digital supply chains Gert: Alexandra Inst. Denmark (like Fraunhofer). Digitalizationa and IT, head of cybersec dpt. Commercial projects. Have already a project with ?? Mirko Presser (business school) Lorna: works with Kain at Twins on SSI fredd: Technology and society meet, artistic methodology dissemination trasformatorio.net ??+31 203054950: Legal, data management, r&D and RIAs already worked with Marco and his team, based in Amsterdam Gaelle: Expert in Policy, Digital policies and regulation, projects development from commission side and all espects of the tasks Dimos: Certh, computer and electrical Engineer, domain of cybersecurity and vision analytics lab. Looking forward for fruitful cooperation Rob: IoT, IoT Council, at the moment working with Ansuin on this proposal. Very interesting call, very clear focus on SMI's that makes the 99% of the European industrialentity. They have little time and resources and we need innovative ways to engage him. Questions about the call itself? - Deadline feb 15 tight. Do we have a one pager to forther the discussion? I need to internal discussion, bullet point something to reason about offline - yes, one pager. I will send a list of questions to work this week on wich base to make a - There are 5 areas not all to be covered, 2 have to be covered, between everyone we could cover 4 on a first assessment. The things that can be done are clear, what about "Support to awareness raising, prevention, education, training, and gender balance in cybersecurity.". Anyone can clarify this one? - education has to be part of any proposal, because we are looking at the supply chain (including sales et.) apply cs to new environments - looking for solutions that are there and mature, have to be brought to market - SME's how to sharp and clearly approach them - Ecosystem and toolbox, training and education (capability and capacity) - Siemens work with many SME's and has sustainability issues (tracking co2 along the supply chain) - augmented to work for cyber - Sustainability + Cyber, will be interesting angles to market - ROB: we need to assert with a product after 3 years should give the SMI cyber preparedness, assest this before and after our tools, a product to be sold after the project - Secure supply chain (Cybersecurity preparedness, tools, training), what is the scope. - Gaelle: Is a different program from Horizon. Concentrate on one of these items as dimensions to prepare customers for adoption. - Kai: Deep link, improving supply chain improves CS of SMI. There is no supply chain without SMI's. Probably if you take Supply Chain approach this is how you scale and reach. Is almost a good story to explain the scope of the project. That is the same approach as measuring the CO2 - Looking at each of these points makes a very good story for the point - Does the spirit of the call allow/asks a focus on one context? - if Supp. Chain is the context, then is about the chain and handling over from party one to party 2 (mutable or immutable) passing it from a to b. Multiple SMI's in multiple locations as part of the story. - Handling over (the chain aspect) about Disposable Identity) is one of the origins of the focus - sme secured makes the environment more resilient - Focus: SME's along the supply chain, visibility and awareness - Awareness is facilitated through visibility - how to exchange super sensitive information in the supply chain, who and how is allowed to share information. - Awareness in SME about the risk responsability and how this can be extended to the whole SME. How demonstrate you have implemented that information. - Obbligation to share and be aware - Dimitra: From LEgal reverse of burden of proof and incident reporting on a supply chain. Attending directive publicationRelevant from a regulatory pov. Attribution of liability. What would be the novelty of our project. How this can be customised for SMI (cost efficiency, awareness etc.) - Marco: how do we make the SMI's use the solutions that are already existing - Knowledg, cost,Plug and Play governanche si. Technology is not a compler - WP 2 Cybertoolbox - WP3 Engagement - WP4 Preparedness - Digital SMI Alliance might be in - Questions will be sent around to be answered this week. Jan2 we can reconveene with clear picture starting proposal writing - if you don't find something rewrite and reshare, probably on telegram and proposal document. Telegram is more for short questions and in the moment we are in deep writing ## INfo Dimos: djoannid@iti.gr ## We reconvene Jan 2 Let's try to get this out to the finals ## Actions - (Rob) circulate and expand list of points for the call and questions for partners - (All) Circulate responses and expand on the questions if felt like to elaborate together agenda for next meeting