The Cyber Security Lab is an interdisciplinary group that conducts research in trust and security domains for the improvement of information technology security, as well as the increase of trust and dependability in systems and services. The main ambition is to coherently address cybersecurity from a technological perspective keeping a holistic approach in mind (considering people, processes, and technology), in an effort to ensure innovation in the field of cyber incidents detection, impact assessment and response, by providing effective, intelligent, usable and context-aware solutions for ensuring the security of citizens and organizations from threats such as cybercrime and cyber terrorism, while respecting fundamental rights, such as privacy.
The Lab envisages to position Atos as one of the top 5 cybersecurity companies worldwide, working on a combination of multi-layered and integrated cybersecurity solutions, user education and awareness supported by processes, best practices and governance as a way to prevent, mitigate and remediate cyber-attacks. With this vision in mind, they conduct research to address existing and future challenges regarding security in following areas, such as IoT, Critical Infrastructures, 5G networks, shared service applications, Cloud infrastructures, AI, Social Networks, risk assessment, digital forensics, training, among many others.
The research conducted in the Cyber Security Lab focuses on three main aspects: usability, intelligence, and automation.
Usable security is at the very core of the innovation. Existing cybersecurity tools are too complex to operate for many users, and consequently not valid for small and medium organizations. The research aims at providing solutions to fill this gap and make security easier to manage. To this regard, their assets provide accurate information to each decision maker in the organization (e.g. providing a quantitative and qualitative assessment of a cyber-attack impact together with a suggestion of the countermeasures to deploy to mitigate it, prioritized by the cost/benefit) to guide security analysts in the decision-making process.
In terms of intelligence, they are including technologies such as AI and Machine Learning in the cybersecurity arena with the objective of making the solutions capable of comprehending the relationships between different observations in an enterprise environment and to identify behavioral models for every element of the organization, including the employees & the cybercriminals.
Finally, they have been developing the concept of security automation when possible across tools and processes to avoid the use of manual intervention as much as possible, which, combined with the other two values, makes it possible to achieve an intelligence-driven cyber defense.