The project is funded by the European Union under the Digital Europe Programme (GA No 101190156 — CTI-AI — DIGITAL-ECCC-2024-DEPLOY-CYBER-06)
Project summary
CTI-AI aims to optimize the scalability of cybersecurity resources and advance the maturity of SOC and CTI operations across Europe through AI-enhanced technologies and methodologies. This initiative contributes to the AI transition of (National) Security Operations Centers (SOCs), safeguarding critical infrastructures and bolstering national security frameworks. Spearheaded by the expertise and experience of EclecticIQ, Łukasiewicz EMAG, and NRD Cyber Security, the consortium is equipped to tackle these challenges.
Directed by an End User Advisory Board with representation across both public and private sectors, CTI-AI caters to a broad spectrum of users across the EU, focusing on national security, defense, and critical infrastructure. The project’s approach incorporates the development of an AI-enhanced Threat Intelligence Platform, free-to-use AI tooling, and best practices, all underpinned by a mature project and governance structure. Through these efforts, CTI-AI aims to drive forward the strategic goals of enhancing digital security and resilience across the European Union.
Project goals
The CTI-AI project aims to significantly enhance capabilities throughout the entire CTI lifecycle to enable the wider European cybersecurity community to “do more with less” by:
- Improving cyber incident analysis and threat detection
- Improving the scalability of analyst resources
- Improving the maturity of intelligence analysis and sharing for national SOCs / NCSCs and wider European industry and government
In addition, the project addresses the broadening critical infrastructure definition in the Network Information Security Directive 2 (NIS2) that requires national and sectorial SOCs and CERTs to significantly expand their central role as a hub for intelligence sharing and security operations and response coordination.
The project also unlocks more proactive and efficient use of CTI by cybersecurity teams to improve speed of response and reduce the window of opportunity for threat actors to stage attacks and exploit vulnerabilities. By leveraging AI in intelligence dissemination and sharing, we improve the scalability and effectiveness of CTI sharing and collaboration, accelerating the adoption of EU regulations and policies, including the enhanced contextual-relevance of tailored intelligence feeds for, and from, Europe and European entities.
CTI-AI combines effort and outcomes for vendor (industry), national SOC/NCSC (customer/market), consulting (industry) and research (university) by applying emerging research, delivering market tested and proven solutions, validated by customers to ensure they add real value. Deliverables will be made widely available to government and industry in the form of best practices, tooling, and availability of recommended commercial solutions favorable to government SOC/CTI.
CTI-AI delivers technology products, applied research tools and best practice guidance. From European cyber leaders, for the European cyber ecosystem.
Project partners
- EclecticIQ, Netherlands
- Łukasiewicz Research Network – Institute of Innovative Technologies EMAG (Łukasiewicz-EMAG), Poland – project coordinator
- NRD Cyber Security, Lithuania (NRD)
Project Budget
The total eligible costs are €5,048,99.37, of which the grant is €2,524,499.00. The total value of the project for EclecticIQ is: €1,876,449.37 of which the grant: 50%