Deliverable D7.5 - Best Practices for Replicability and Wider Use

Despite the importance of Critical Information Infrastructures (CIIs) and dynamic ICT‐based maritime supply chains (SCs) for port operations, state‐of‐the‐art Risk Management (RM) methodologies for maritime environments pay limited attention to cyber‐security and do not adequately address security processes for international SCs. Motivated by these limitations, MITIGATE will introduce, integrate, validate and commercialize a novel RM system, which will empower stakeholders' collaboration for the identification, assessment and mitigation of risks associated with cyber‐security assets and SC processes. This collaborative system will boost transparency in risk handling, while enabling the generation of unique evidence about risk assessment and mitigation. At the heart of the RM system will be an open simulation environment enabling stakeholders to simulate risks and evaluate risk mitigation actions. This environment will allow users to model, design, execute and analyze attack‐oriented simulations. Emphasis will be paid on the estimation of cascading effects in SCs, as well as on the prediction of future risks. MITIGATE will be compliant with prominent security standards and regulations for the maritime sector (i.e. ISO27000, ISO28000, ISPS). The MITIGATE system will be built based on readily available technologies of the partners, which will enable the project to produce a mature (high‐TRL) system at an optimal value‐for‐money. The system will be validated based on real‐life pilot operations across five EU ports (Bremen, Piraeus, Valencia, Ravenna, Livorno) with the active participation of over 500 users (security officers, terminal operators, facility operators, standardization experts and more). Also, the project's approach will be contributed as a blueprint to the NIS public‐private platform. Finally, significant effort will be devoted to the commercialization of the MITIGATE system based on pragmatic business plans and market launch actions.