Training of Pilot End-users

On 24,25 and 27 of May 2021, SPHINX Consortium Members gathered virtually to hold a series of training sessions tailored to the needs of pilot implementing partners. These sessions served as the cornerstone of training activities task entailed in SPHINX project’s lifecycle, which ensures an efficient uptake of knowledge transferred from technical partners towards the HealthIT sector.

The sessions were organised by SPHINX partner, SIMAVI, the leader of the training activities task, in collaboration with PDMFC and ViLabs, which is responsible for monitoring the dissemination, exploitation and overall sustainability of the project. All technical partners were engaged in the 3-days event presenting their components’ functions inside SPHINX Toolkit, while IT personnel from the pilot implementing partners attended the sessions.

The trainings were prepared according to an analysis of needs that was performed among pilot partners. Based on the findings, the main goal of the training sessions was to equip pilot end-users with knowledge from technical partners via depicting how SPHINX components are structured and what is necessary for the adequate operation and maintenance of the SPHINX Toolkit.

In addition, the trainings aimed to explain the installation and deployment procedures of SPHINX components and how they can work jointly. The sessions comprised presentations and demos regarding each component by the lead-developing partner followed by Q&As in order to address specific pilot end-users’ queries.

On the first day, Monday, 24 May 2021, the following presentations were performed:

  • Hellenic Mediterranean University presented Vulnerability Assessment as a Service (VaaaS) and Cyber Security Toolbox (CST) components;
  • Konnektable presented Decision Support System (DSS) and Analytic Engine (AE) components;
  • Intracom presented the Common Integration Platform (CIP); and
  • Edgeneering presented SPHINX Application Programming Interface for Third Parties (S-API)

On the second day, Tuesday, 25 May 2021, the following presentations were performed:

  • PDMFC presented Security Information & Event Management (SIEM), Sandbox (SB) and Anonymisation & Privacy (AP) components;
  • Tech Inspire presented Homomorphic Encryption (HE) component; and
  • SIMAVI presented Anomaly Detection (AD), Data Traffic Monitoring (DTM) and Interactive Dashboards (ID) components.

On the third day, Thursday, 27 May 2021, the following presentations were performed:

  • National Technical University of Athens presented Real-time Cyber Risk Assessment (RCRA), Forensic Data Collection Engine (FDCE) and Attack & Behaviour Simulators (ABS) components;
  • AiDEAS presented Machine Learning-empowered Intrusion Detection (MLID) component;
  • Future Intelligence presented Artificial Intelligence (AI) Honeypot (HP) and Knowledge Base (KB) components; and
  • TECNALIA presented Blockchain Based Threats Registry (BBTR) component.

 

To complement this information, each component-building partner provided a brief set of installation and deployment guidelines that was accumulated and integrated into a single user-manual document for internal communication purposes. This end result is dedicated to the trainees of the sessions as a summative report which they can consult during the upcoming SPHINX Toolkit testing period in pilot sites.

What is more, two questionnaires were shared among the participants following the completion of the training courses.

In the first questionnaire, the participants were asked to evaluate the deployment of the SPHINX Toolkit indicating the performance, the usability of the deployment, the support provided, and the overall reliability of the platform based on what had been presented to them during the trainings. In this context, more than half of the audience stated that they were very satisfied (53.3%) and quite satisfied (20%) with the deployment procedures of the Toolkit. As one of the participants noted “the way they [SPHINX components] were deployed promises better stability on the production level and to accept updates easily, which is important to cybersecurity.” In addition, nearly half of the audience (46.7%) found the usage instructions quite clear, while the majority (60%) was very satisfied with the system performance.

The second questionnaire examined the benefits and the impact of SPHINX on four out of seven dimensions of security culture. Namely, the survey focused on Attitude, Cognition, Communication and Responsibilities of the organisations’ employees. In this scope, one of the prevailing answers of the participants was that after the training sessions they acquired more familiarity and overall it is easier for them to include cybersecurity practices in a better perspective than before (81.3%). Furthermore, the participants indicated that thanks the project and the training sessions are now more able to think of alternative options to tackle with cybersecurity in their organisations (62.5%). Last but not least, many of the participants felt quite more (31.3%) or a lot more (43.8%) confident to conduct or research for a cybersecurity incident plan.