A EUROPEAN CYBER RESILIENCE FRAMEWORK WITH AI-ASSISTED ORCHESTRATION & AUTOMATION FOR BUSINESS CONTINUITY, INCIDENT RESPONSE & INFORMATION EXCHANGE

Phoeni2X logo
Contact
Juan Andrés
Funding Program
Horizon Europe eu flag
Project Date
to

PHOENi2X (the second part of the PHOENIX project) aims to design, develop, and deliver a Cyber Resilience Framework providing Artificial Intelligence - assisted orchestration, automation & response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services (OES) and of the EU Member State (MS) National Authorities entrusted with cybersecurity. 

Through the deployment PHOENi2X Cyber Resilience Centres (PHOENi2X CRCs), OES will gain:
(i) enhanced Situational Awareness with AI-assisted Prediction, Prevention, Detection & Response capabilities, and business risk impact assessment-based prioritisation;
(ii) proactive and reactive Resilience Automation, Orchestration, and Response (ROAR) mechanisms, providing Business Continuity, Recover and Cyber & Physical Incident Response;
(iii) Increased Preparedness through relevant Serious Games and realistic Resilience Cyber Range (RCR) Assessment & Training;
(iv) timely and actionable Information Exchange between OES, National Authorities and EU actors, leveraging interoperable and standardised alerting and reporting mechanisms and processes.

Our role

Atos is leading T2.3, which aims to define the baseline toolkit: a set of open-source tools that will serve as the basis for the project's developments. Besides this, ARI’s role within the project is leading T3.4, which seeks to develop a risk analysis engine to assess the alleged risk and suggest the necessary countermeasure to mitigate it.

Atos' contribution focuses on three lines of work:
1) Risk Analysis: capable of dynamically calculating the risk index to which an organization is exposed and suggesting optimal countermeasures to reduce its level.
2) Cyber-intelligence: mechanisms to first contextualize cyber-intelligence information and then automate its processing.
3) Reporting: automate the process of reporting to authorities once a cyber-incident has been detected.