ST-AI SAFE: Socio-Technical AI-Assisted Cyber Risk Mitigation
Project Description
Cyberthreats often go unmanaged because they remain invisible, exposing nations, organizations and users to substantial risks. A large share of cybersecurity risks can be identified in advance by technical means, e.g., port and vulnerability scanning. To mitigate such risks, organizations must understand their assets’ exposure to exploitation of potential vulnerabilities. Yet, the specific decisions are made by humans—often non-technical managers—making cyber-risk mitigation inherently a socio-technical challenge. Existing cyber-risk monitoring products typically present results via graphical dashboards summarizing the key risk indicators but leaving mitigation decisions solely to human judgement.
The project will leverage cutting-edge AI techniques, such as transformer models and reinforcement learning, to correlate publicly available vulnerability knowledge with actionable evidence from cyber-risk monitoring. Building on the monitoring capabilities provided by the CyObs cyber-radar system, developed by Dreamlab Technologies, the project team will develop an AI-assisted self-service interface that provides customized cybersecurity insights, dynamic risk assessments, and prioritized mitigation recommendations tailored to stakeholders’ needs. Additionally, it will integrate stakeholder feedback and actions into the fine-tuning of AI components, developing intuitive mechanisms that enable stakeholders to enhance the accuracy and relevance of the recommendation system.
The project takes a socio-technical approach, exploring collaborative information-sharing models within regional cybersecurity ecosystems to ensure adoption and practical utility of the self-service interface while building a resilient cybersecurity community. The findings will lay the foundation for best practices in stakeholder-driven cybersecurity frameworks, enabling more adaptive, intelligence-driven, and participatory approaches to cyber-risk management at both organizational and national levels.
The project will leverage cutting-edge AI techniques, such as transformer models and reinforcement learning, to correlate publicly available vulnerability knowledge with actionable evidence from cyber-risk monitoring. Building on the monitoring capabilities provided by the CyObs cyber-radar system, developed by Dreamlab Technologies, the project team will develop an AI-assisted self-service interface that provides customized cybersecurity insights, dynamic risk assessments, and prioritized mitigation recommendations tailored to stakeholders’ needs. Additionally, it will integrate stakeholder feedback and actions into the fine-tuning of AI components, developing intuitive mechanisms that enable stakeholders to enhance the accuracy and relevance of the recommendation system.
The project takes a socio-technical approach, exploring collaborative information-sharing models within regional cybersecurity ecosystems to ensure adoption and practical utility of the self-service interface while building a resilient cybersecurity community. The findings will lay the foundation for best practices in stakeholder-driven cybersecurity frameworks, enabling more adaptive, intelligence-driven, and participatory approaches to cyber-risk management at both organizational and national levels.
