Towards a Sophisticated SIEM Marketplace for Blockchain-based Threat Intelligence and Security-as-a-Service.

PUZZLE will implement a highly usable cybersecurity, privacy and data protection management marketplace targeted at SMEs&MEs. The PUZZLE will track the relationships among the cyber assets of each SME&ME, considering the available network, compute and storage infrastructure and use them to efficiently calculate individual, cumulative and propagated risks, as well as recommend and apply mitigation actions


Why do SMEs&MEs need cybersecurity? The majority of cyberattacks (86%) in SMEs&MEs are targeted, where financial gain (53%) and corporate espionage (47%) are the main motives. In spite of the current cyber threat landscape, 68% of SMEs&MEs have no systemic approach toward ensuring cybersecurity, 60% of them who were victims of cyber attacks did not recover and thus shut down within 6 months, while less than 3% have cyber insurance. According to Gartner’s predictions, 75% of public blockchains will suffer “privacy poisoning” soon.

  • Cybersecurity solutions for safe corporate data.


What are the challenges of cybersecurity today? Limited cybersecurity capabilities of SMEs&MEs led to some grim statistics:

  • 93% of SMEs&MEs that have experienced a cyber incident reported a severe impact on their business.
  • Almost all affected organizations reported financial and/or loss of savings, while 31% reported damage to their reputation, leading to a loss of clients, as well as difficulty attracting new employees and winning new projects.
  • Nearly 50% reported an interruption in service that damaged their ability to operate.
  • Nowadays, enterprise security is confined to merely log, monitor and correlate data to obtain actionable insights. It boils down to organisational preparedness and continuous training culture, depending on budgets, which usually are not appropriate for more than the scope of activities mentioned above. Cybersecurity management tools need to be more applicable in daily operations, and consider the following:

    • Take the human factor into account.
    • Management methodologies and tools need to be combined with an increased level of collaboration and exchange of information among enterprises.
    • Increase in the awareness of SMEs&MEs regarding the design of their security.
    • Implementation of cybersecurity solutions, and facilitation of policies for effectively handling of cyber threats.
    • The application of such policies needs to be as transparent as possible within an enterprise, and easily adoptable by end-users.
    • Information leakages within the enterprise networks need to be contained.
    Why are regulations, GDPR and privacy policies important?

    The goal of GDPR is to further strengthen and coordinate data privacy laws in Europe by collecting well-respected standards across the world and utilizing them to protect the data privacy of EU citizens. What separates GDPR from previous legislation on data protection is its extraterritoriality, meaning it protects any legal entity that offers services/goods or processes personal or corporate data, regardless of whether such activities have been established within or outside of the EU.

    There are two levels of administrative fines for failure to comply with the GDPR and both are serious:
    1) Up to €10 million, or 2% of global annual turnover – whichever is higher;
    2) Up to €20 million, or 4% of global annual turnover – whichever is higher.