Small and Medium-size Enterprises (SMEs) are an important driver for innovation and growth all over the world. At the same time, SMEs also stand to gain the most from innovative technologies that promise convenient deployment and economical operation of ICT. Taking into account cyber-security, SMEs do not always understand all the risks and business consequences for the development of technologies without the adequate level of protection against cyber-crime. The European Union Agency for Network and Information Security (ENISA) declares in the "Information Security and Privacy Standards for SMEs" study of 2016 that, despite rising concerns about information security risks, the level of SMEs information security and privacy standards adoption is relatively small. The project SMESEC aims to develop a cybersecurity framework that offers different tools for supporting the day to day ICT operation of organizations. This way, our solutions range from monitoring tools to antivirus or risk analysis, etc. All these functionalities are offered in an independent way from the framework, facilitating to companies they can buy and use only the ones they really need for their business and requirements. Additionally, and as a complement to the security tools, the project also offers cybersecurity training and awareness for employees, managers, etc.

The workshop is collocated with the 21st International Symposium on Research in Attacks, Intrusions and Defenses ( RAID 2018)

Important Dates

Invitations Deadline: July 10, 2018
Authors’ confirmation: August 1, 2018
Final programme release: August 10, 2018

Workshop Schedule

The workshop will consist of two parts a technical one and a non-technical one. The technical part of the workshop will include invited papers covering the following fields:

  • Threat and security models for ICT systems and communication networks
  • Security architectures and frameworks suitable for SMEs and enterprises
  • Security validation for Small and Medium-sized Enterprises
  • SME-oriented Hardware security, Cryptographic engineering
  • Intrusion Detection, Intrusion Prevention
  • Secure Software Development, Malicious Code Analysis
  • Identity and access management
  • Privacy Enabling Technologies
  • Deception technologies
  • Security training
  • Risk assessment – safety and security
  • Threat detection threat mitigation, Incident management for SMEs
  • Digital Forensics
  • Anonymization and Pseudonymization technologies

The non-technical part of the workshop, which is open to the public, will include invited speakers to address with matters such as:

  • Cybersecurity framework accessible to SMEs
  • Recommended Practices towards GDPR compliance
  • Personal Data definition and handling practises
  • Data Protection Officer role
  • Certification of Data Protection Officer


Program Chairs

Sotiris Ioannidis Foundation for Research and Technology Hellas (FORTH)

Contact Us

Organizing Committee: Manos Athanatos athanat [at] ics.forth.gr
Organizing Committee: Christos Papachristos cpapachr [at] ics.forth.gr