Cybersecurity remains a significant challenge for the global economy. To help companies prevent and manage risks, ESILV engineering students are working on engineering projects aimed at creating tools to enhance cyber protection. Here is a closer look at three fourth-year projects conducted by the Class of 2022.
6 trillion dollars. That’s the estimated cost of cybercrime in 2021, which is equivalent to the third-largest economy in the world, after the United States and China. This fragility plagues many companies, whether large corporations or tiny businesses.
As the organizational and technological aspects of reducing risks are becoming increasingly important within companies, ESILV’s cybersecurity training program adapts to the new challenges, thanks to its project-based teaching methods.
To make cybersecurity accessible to all companies and help them strengthen their cyber-resilience, several students from the class of 2022 offer concrete methods and tools in their fourth-year industrial innovation projects.
Development of a cybersecurity training course
Onepoint specializes in the digital transformation of companies and organizations. Our partner focuses on “thinking beyond the obvious” and offers innovative digital transformation training. That’s why we were asked to build cybersecurity training to be later made available by our partner.
The main objective of this project is to develop courses and practical work, to set up a sandbox environment in which one can learn about software flaws.
Our final product is an executable file which, once launched, will open Webgoat (a deliberately insecure application that allows us to test vulnerabilities) in our local browser, as well as a PDF containing courses, tutorials and corrections on 4 of the major breaches of the OWASP top 10 (XXE, XSS, CSRF, SQL injection).
Gamification of cybersecurity
Our project aims to provide companies with a fun way to practice cyber-crisis drills. The players will have to advance in the game scenario by making decisions that will influence the course of events and could save or sink their company in the worst-case scenario.
The strength of our project is to allow anyone to create their scenario and publish it on our website.
To do this, the scriptwriter must first create his script with the Twine software by using the guidelines provided on our site. He then retrieves the HTML file generated by Twine and uploads it to our site to play.
Developing a Cyberinsurance model
Citalid, a start-up founded by two former members of the French National Cyber Defense Authority, helps companies assess their risks in terms of cyber attacks and supports them in their investment strategy to prevent cyber threats.
During this project, nine students from ESILV had the mission to identify many cybersecurity incidents using web-scraping techniques and reprocessing of open databases. “Once we processed these data, a risk model was used to identify the main current trends in cyber attacks (ransomware, etc.) and build a template to assess the risk facing businesses based on their profile (turnover, number of employees, etc.).
Once we completed this study, our team developed an algorithm generating a prospectus (PDF) to inform a company about the risks it is subject to and advise it in its choice of coverage for a cyber insurance.”