The world is quickly changing into a digital society. All people are being connected through the Internet (Internet of People), all devices are being connected (Internet of Things), all companies are being connected as well as all services that we rely upon. For our digital society the ubiquitous availability of data has become crucial.
However, now that our society has changed into a digital society, we should understand that we completely depend on the correctness of our data as well as the proper operation of the underlying ICT infrastructure. We should trust our data under all circumstances, which requires it to be not only stored and exchanged in a secure and privacy preserving way, but also that we understand where the data comes from and how it will be used. Since our society cannot sustain without the Internet, we must certify that we understand its operation and keep control over it, under all circumstances. Whereas that was easy just one or two decades ago, nowadays it is a real challenge, especially since a small number of big players and nation states gained control over major parts of our ICT infrastructure and services, and thus our society. As a consequence, our digital sovereignty is at stake, and Europe runs the risk of being digitally colonialized by others.
But next to nation states that use the Internet to gain more influence, also traditional criminals have discovered the Internet to make money by performing large scale attacks on users and systems connected to the Internet. Examples include data exfiltration attacks that frequently lead to mega breaches exposing sensitive data from millions of innocent people to criminals, or Distributed Denial-of-Service attacks that bring down the complete service of an organization. On an almost daily basis, newspapers world-wide report about such cyber-attacks and the impact that they have on our digital society.
At the Twente University Center for Cybersecurity Research (TUCCR), our mission is to make our society resilient against cyber-harm by researching digital technologies in the societal and economic context for their robustness against cyber-harm and by developing solutions that provide the necessary level of resilience and security. To this end, we investigate associated cybersecurity challenges with a specialized focus on real-world data and network security in the socio-economic context. We cover the complete range of steps necessary to develop secure solutions for the real world, starting from the analysis of known cyber-harm, -attacks and -vulnerabilities and their proper modelling, to the engineering of targeted protection, mitigation, detection, and response solutions, all the way to their implementation and extensive testing. In each of these steps, we are paying explicit attention to the demands imposed by the socio-economic context and the involved human factor, which can be part of the problem and part of the solution at the same time.