25.07.2024

The future security event management platform is taking shape

Security

While the European LuCySe4RE project will complete the first third of its roadmap on 31 August 2024, the project team has already collected and identified the first needs and released a sketch of the security event management infrastructure, while engaging in cybersecurity awareness-raising activities.

The European project Enhancing Cybersecurity Services for the Luxembourgish Research and Education community (LuCySe4RE), whose aim is to improve protection against the cybersecurity risks faced by the Luxembourg research and education community, is a 3-year journey that started in September 2023. With the first year of this project, co-funded by the European Union’s Digital Europe programme (DIGITAL), coming to an end, summer 2024 is the ideal time to take stock of the situation. Although much remains to be done, the conclusions and choices made in the first few months have already outlined the future security event management platform dedicated to the Luxembourg institutions of the research and education community.

Institutions are brought together

One of the project’s first steps forward was to assess the level of security preparation of the research and education institutions. It is, to say the least, characterised by great diversity. From practices to the state of the art, not forgetting knowledge, the budget allocated and the presence of specialised staff, the gap between the large and the smaller institutions of the research and education community can quickly become colossal. From the start of the project, Restena could not help but notice these differences among the institutions that have trusted it and are helping it to implement the project objectives. Collaboration quickly took place, discussions took form, and a course of action for the project gradually emerged.

Within this context, Restena started in 2023 to assess the level of security preparation of four research and education institutions. To do so, Restena used a maturity model tailored to the specific needs of the research and education sectors and developed at the European level by the European Association GÉANT: the Security Baseline.

Several common denominators emerged across the diversity of the Luxembourg research and education community. They include a lack of awareness of cybersecurity issues, especially internal security, and incident and vulnerability management weaknesses. However, a lot of effort has already been put into risk management, regulation and protection of privacy, and business continuity planning. Added to this is the anticipation of the inevitable future compliance with the new European security directives - mainly the Critical Entities' Resilience (CER) and the Network Information System Security 2 Act (NIS 2) - which are on the horizon.

The infrastructure is outlined

After almost a year of study, analysis and decisions, the future security event management platform dedicated to the Luxembourg institutions of the research and education community is outlined. From a technical point of view, it will be based exclusively on open-source technologies. This certainly reduces costs to a minimum, but it also means a huge amount of work to develop - as effectively as possible - the appropriate interfaces and the links between them.

Fluent Bit, Logstash, OpenSearch, Suricata and the MISP platform are just a few examples of the technologies used by Restena to deploy this infrastructure, which is adapted to the specific characteristics of the Luxembourg research and education community and is managed and monitored by Restena on its servers and premises. None of the data shared on the tool by institutions via their dashboard will be processed outside the Luxembourg borders, and still less in the cloud, which is one of the prerequisites of the partner institutions.

Figure: Components used in the future security event management platform
Figure: Data pipeline of the future security event management platform

Restena has already entered the validation phase for this infrastructure with the help of the IT teams and the Chief Information Security Officer working within the partner institutions, who are also the future users. The University of Luxembourg, the Luxembourg Institute of Socio-Economic Research and the Centre de gestion informatique de l'éducation (CGIE) have joined the project team for this crucial stage, the Proof of Concept.

Committed to raising awareness

Beyond the project’s technical aspects, which fully involve the institutions’ IT teams, raising awareness among researchers, professors, administrative staff and students has taken shape. LuCySe4RE's commitments include investing in the CyberDay.lu and Data Privacy Day events, which have been held in Luxembourg for several years now to raise awareness and promote good practice, and increasing the number of courses in the Digital Learning Hub's training catalogue. Topics covered include the Domain Name System (DNS), the Domain Name System Security Extensions (DNSSEC) protocol, incident management, authentication and IPv6, which will help to overcome the weaknesses identified at the start of the project.

A tip sheet, promoting key tips and tricks for backing up data, which can be downloaded from restena.lu and is also available in hard copy on request from the institutions, completes the range of services on offer.

Now almost a year old, the project is making great strides forward, even if there are still a few stages to go through before it can expand Restena's security services portfolio with a new service for the research and education community.