Project AUTONOMIC-SOC-IT/OT

Abstract

AUTONOMIC -SOC-IT addresses the growing complexity of cybersecurity threats both in IT (Information Technology) and OT (Operational Technology) environments. As digital transformation interconnects these systems, they become increasingly vulnerable to cyber-attacks such as malware, ransomware, phishing, and supply chain attacks. To address this challenge, the project will leverage the capabilities of Priam Cyber AI’s Advanced Virtual Analyst (AVA) platform and CTILab’s Deep Threat Intelligence (DTI) platform. The AVA platform is an AI-driven cybersecurity virtual analyst that integrates with existing cyber tools to streamline incident response. The DTI platform detects network anomalies in both IT and OT networks, including Supervisory Control and Data Acquisition systems (SCADA).

AUTONOMIC -SOC-IT/OT’s main objective is to develop a novel, innovative product that enables Security operations centres (SOC) to keep up with evolving threats by reducing the number of false positives and alert fatigue. This next generation system will not only detect threats across OT/IT environments, but also automatically respond, an innovation currently missing in the global market. This project brings together expertise from Hankyong National University, Dongguk University, the University of Kent and the University of Liverpool, alongside major industrial partners: Enerjisa (Turkey’s largest energy company), Brisa (Turkey’s leading tire manufacturer), CBERNET (a Turkish cybersecurity firm), and LIG Nex1 (a leading South Korean defence manufacturer).

This project will advance the Automated Agentic SOC for IT/OT environments from TRL 3 (proof of concept) to TRL 6 (technology demonstrated in a relevant environment), enabling AI-driven cybersecurity from detection to response. The platform will be tested across SOCs operating in smart manufacturing (including defence) and smart energy sectors.