CYBERSECURITY SERVICES

Work Informatics at Information System, Department of Management and Entrepreneurship, Turku School of Economics at the University of Turku has an extensive experience from delivering successful regional development funding projects. Our special strengths are the knowledge of SME sector, including work and business development and effective deployment of modern IT solutions. In KyberVALIOT we will utilize our advanced knowledge in business development and work informatics. The principles of work informatics itself emphasize the understanding related to knowledge work, professional expertise, collaboration and controlled change in technology-oriented and -centered development projects. Work informatics has already been leveraged in a multiplicity of externally funded research and development projects since 2005 (http://workinformatics.utu.fi/bisnestyo/). We have acquired excellent results by applying our holistic understanding on the development of information systems through the concrete work, knowledge work and business, where the knowhow and change management capabilities have a key role. Additionally, we have special knowledge on designing and managing new systems: the goals are commonly reached through small steps, which must be designed case-specifically. At its core, our expertise is based on the work informatics education and research disciplines. Work informatics and system theories are reinforced by involving other business development concepts and particles, such as business ecosystems, agile development, knowledge management and service design.

Cybersecurity is not an independent entity. Instead, it is seamlessly connected to all activities of the target companies. It should be considered as an important factor in securing the companies’ business continuity, regardless of whether a product, service or other form of offering or toll is in question. Furthermore, the security must always be investigated as a part of a larger entirety. On general level, the SME sector itself provides an interesting starting point for the research with its characteristic challenges related to financial capabilities, level of technical expertise and several other resource limitations. All these factors finally affect the companies’ ability to manage their service creation, delivery and managing the customer and collaborator activities. This heterogeneous background requires a holistic solution to cover this variety of needs related to cybersecurity.

However, everything cannot be provided simultaneously. Therefore, it is important to proceed towards the goals through fast experimentations, representable pilots and intelligent specialization steps. These activities will help us to develop cybersecurity services that are effective in both short and long timescales. The aim of our work is to define, present and develop a set of laboratory services through the inseparability principles, where the laboratory’s functional philosophy, business model, customer company functions and collaboration exceeding physical boundaries are taken into account inside the manufacturers’ and IoT service providers’ business ecosystems. Thus, we will transfer the functional models of continuous development, partnership, collaboration and knowledge sharing between and into the target companies. Simultaneously, the services themselves are better understood as a part of the actors’ mechanisms and ecosystems. This understanding will form the innovational foundations related to our role in KyberVALIOT.

In KyberVALIOT we contribute to the productization of the cybersecurity services created and developed during the project. Targeting the IoT and manufacturing industries, our mission is to involve all the potential stakeholders within the cybersecurity ecosystem into the service planning process through interviews and concrete field work. This approach will allow us to map the commonly requested features and functionalities, as well as the possible limitations from the customer’s standpoint, thus helping us to form a service platform fulfilling the needs of the largest potential audience. Considering the goal of providing cybersecurity services to a large group of customers from varying backgrounds, special attention needs to be given to finding the right balance between the approachability and level of advancement. This said, the less technologically-oriented companies should be provided with comprehensible test templates and use cases that can be easily adapted into their own business environment, either purely through simulation or by involving the customer’s actual product into the testing sequence.

Naturally, the laboratory also creates collaboration between local higher education institutes (HEIs) and SMEs: the laboratory shares the research, education and recruit interest in an open-minded innovation environment.

Finally, the concrete actions and goals are as follows:

  • Development of the cybersecurity laboratory’s business and service processes from the perspective of the whole business ecosystem, involving the motives of the target companies, internal actors and collaborators. In the end of the project, this will also include the special questions related to ensuring the business continuity, covering the whole lifecycle of the cybersecurity laboratory service from the standpoint of each actor, including the users of the tested solutions.
  • Participating in the test pilots by gathering target companies and delivering analysis and development recommendations related to the business model.
  • Establishment, development and testing of the innovation platform, including the creation of management mechanisms connected to processing the innovations emerged from the operational activities.
  • Creation of the collaborative innovation development methods, focusing on how the discovered requirements are developed in the laboratory’s business ecosystem.
  • Internal and external evaluation of the effectiveness of the laboratory functionalities, especially emphasizing the connections to the education and research related actions in the companies and educational institutes both nationally and internationally.
  • The short-term goal is to define the service features, including the basic scanning, thematically tailored packages and extra special high-tech abilities. The long-term goal is to produce and innovation platform, which will function as an integrated instrument for the regional actors, providing a meaningful service path for the manufacturing industry and the IoT service providers.