The SWORDFISH project aims to develop a prototype security management platform capable to support and secure dependable infrastructures mainly through its ability to merge information security with the physical security world and the business process (the human factor). This approach can give enormous capabilities to organizations or communities of organizations to secure their assets and protect themselves against organized crime and terrorism. At the same time its open architecture, the vendor independent integration capability and the potential to adopt to a given security standard, technology or framework, gives both SWORDFISH and its users the power to enforce organization-wide security models based on their individual requirements, technical infrastructure and risk profiles.
As a next generation enterprise information security management platform, SWORDFISH aims to improve an organization’s information security posture, by controlling and monitoring not only technology related aspects but also physical security and human factor procedures. SWORDFISH will adopt a horizontal enterprise-wide versus a vertical and typically technical security model, automating and simplifying an organization’s information risk management through a process automation platform. Τhe role of the platform within an organization will be twofold; it will provide a centralized console for security processes orchestration, real-time risk management & enterprise knowledge management whilst on the other hand it will be the primary data collection engine that will ensure accuracy & integrity of security information within the organization. Last but not least, this will lead to “measurable security”, an already known and qualitative good of other engineering disciplines (e.g. automobile, aerospace, military).
SWORDFISH will not only focus to thwart computer intruders, but also ensures that mission-critical functions are sustained and essential services are delivered, despite the presence of cyber attacks, failures, and accidents because all of the organizational and operational processes and participants relevant to security are engaged. Research will also include development in the event correlation ground classifying events from critical operational procedures and physical security controls. Correlation of physical information security events, will potentially allow the SWORDFISH prototype correlation engine to effectively identify logical security attack patterns that combine property violation, bypassed procedures, improper or fraudulent employee behaviour and computer security.
