ERMIS Objectives

Design, implement and deliver a TRL-7 and highly usable cybersecurity, certification and cyber insurance management marketplace targeted at EU organisations, including SMEs, and public organisations, and cyber insurance agencies and relevant providers, aiming at fostering the adoption and uptake of market-ready innovative cybersecurity solutions

Provide a validated set of cybersecurity functional primitives as a service, made available through a marketplace, that can be easily adopted and deployed in EU SMEs to address security and privacy requirements of their composite cyber systems.
Exploit and marketize the research outcomes and solutions developed in the framework of EU-supported or funded projects.
Provide tailor-made services for cyber insurers, supporting the automated creation, pricing, continuous monitoring, and adaptation of cyber insurance policies for cyber systems.
Increase the level of cybersecurity situation awareness and preparedness of SMEs, through a set of tools that address observed security related incidents and estimate their impact through effective risk assessment.
Deliver an orchestrated ML-assisted environment for the interconnection of security assurance and insurance mechanisms, to ensure the cyber resilience of composite cyber systems.

Deliver market-ready tools for increasing the resilience and preparedness of SMEs against cyber threats

Define and validate evidence-based risk, threat and vulnerability analysis ML-based models.
Enhance cyber-incident response among different digital infrastructures and cyber systems.
Develop security audit and testing tools for discovering security flaws and improving the security of open-source solutions.

Deliver market-ready tools, processes and models for the agile and verifiable certification of cyber systems, ensuring the conformity assessment and validation

Promote the scalable, agile and verifiable certification of cyber systems, towards ensuring and fostering the protection and resilience of SMEs products and services.
Optimize, automate and facilitate the conformity assessment of cyber systems ensuring compliance and mitigating potential compliance breaches.

Deliver an innovative framework supporting the creation and management of cyber insurance policies and offering a sound liability basis for establishing trust in cyber systems and services

Develop ML-based models for more accurate definition and specification of cyber insurance policies, which consider evidence from ongoing policy operational claims.
Establish a process centric framework for automating the creation and management of cyber insurance policies for cyber systems, based on integrating proven techniques for the certification, audit and risk assessment of security and privacy (S&P) for such systems.
Establish conditions for improving cyber insurance practices and the trustworthiness of cyber systems and commercialising the use of the ERMIS platform and cyber insurance framework.

Validate the ERMIS offerings in real world environments and business cases for improving cybersecurity assurance capabilities in the EU and enhancing cyber insurance management

Establish the evaluation process taking into account technical, usable, and techno-economic perspectives.
Prove the applicability, usability, effectiveness and value of the ERMIS concepts, tools and services in the real-life business environment of European organisations and SMEs.

Raise awareness on the innovative ERMIS results to business, research, academic, and open-source communities in the EU and empower their skills in addressing ongoing cybersecurity challenges.

Present the project progress, technologies and results to targeted stakeholders, ensuring wide awareness of main ERMIS marketplace users.
Analyse the market for the ERMIS cybersecurity management framework, tools, services and solution, and define viable and demand driven exploitation and business models.
Deliver cyber ranges and training resources tailored to the needs of the cybersecurity and insurance experts to address the challenges of the evolving threat landscape in the EU.