GMV will be involved for the next four years in the TREsPASS project (Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security), a €13.5-million FP7 project of the European Commission.

The aim of TREsPASS is to improve companies’ security by integrating social aspects into risk management, IT infrastructure and information systems.

The project sets out to develop a smart “attack navigator” that will trace potential weak points within an organization or a given infrastructure. The formula to be developed will combine the technical and human security aspects to identify weak points. The tool can then help users to select the most effective countermeasures, pooling knowledge from the technical sciences (how vulnerable are protocols and software?) and social sciences (how vulnerable are patterns of human behaviour and why?) as well as state-of-the-art industry processes and tools. Visualizing this information in a sufficiently clear and concise way is one of the challenges facing this project.

TREsPASS works from the premise that an information infrastructure may be protected by the best technical means possible, but in the end it is often human behavior that leads to unwanted intrusion or the theft of information. By themselves, technical solutions will not solve these problems. For this reason several universities and companies in Europe, led by the University of Twente in the Netherlands, are now working on the TREsPASS project, which pays special attention to the human dimension.