The first pan-European virtual center for the real-time dynamic management of cyber risk, created by Leonardo for DG Connect, the European Commission's general directorate for digital policies, has reached full operation.
The center processes and analyzes terabytes of data from sources such as the web, social media, news media, databases, deep and dark webs. It also leverages a knowledge base made up of over 5 million Indicators of Compromise, digital traces of IT incidents, managed every year by Leonardo also thanks to the company's supercomputing infrastructure - capable of carrying out up to 5 million billion operations per second.
Sectoral threat scenarios are thus made available to DG Connect (referring for example to finance, energy, health or transport), which allow the European Commission to know at any time the level of risk of cyber attack on European digital infrastructures, the possible malicious actors, likely attack modes, potential targets and related vulnerabilities. This allows the impacts of any attacks on the operation of critical infrastructures and services of strategic interest to be dynamically calculated, in support of greater European cyber resilience.
A fundamental objective, if we consider that Leonardo analysts found an average increase of 2022% in 180, compared to 2021, in the most widespread offensive techniques (Ransomware, DDoS, Wipers, Phishing and disinformation campaigns). Furthermore, the conflict between Russia and Ukraine has made Europe more subject to hybrid threats, which combine multiple different techniques and actors, with critical repercussions, sometimes even at a national security level.
The virtual center is part of the project, worth 18 million euros, entrusted by DG Connect (General Directorate for communication networks, contents and technologies) to the RTI (Temporary Grouping of Companies) formed by Leonardo and Indra. Its evolution will lead to the creation of a physical center in Brussels that will allow the Commission to operate directly on the cyber threat. The physical infrastructure will also be able to count on the support of Leonardo's Regional Center in Brussels, part of the company's Global Security Operation Center, which, with a distributed architecture based on a main office in Italy, in Chieti, and other operational centers in Italy, UK, Europe and the Middle East, manages over 137.000 cybersecurity events per second. To ensure full risk awareness and improve Europe's response to cyber crises, the center will be interoperable with all entities responsible, at European level, for cyber threat analysis.
