STICHTING CUING FOUNDATION

Their core work

STICHTING CUING FOUNDATION is a Dutch research centre specialising in cybersecurity threat detection, with particular depth in steganography-based malware (stegomalware) — a sophisticated class of attacks that hides malicious code inside innocent-looking files. They apply machine learning to identify and classify malware, ransomware, and information-hiding techniques that evade conventional security tools. Their work sits at the boundary of applied cybersecurity research and intelligent threat recognition, contributing to both detection methodology and predictive security intelligence. As a small, specialist research entity, they bring niche technical expertise into large European security consortia.

What they specialise in

How they've shifted over time

Both H2020 projects started in 2019, which means there is no meaningful before/after shift to analyse — the organisation entered EU-funded research with an already-defined cybersecurity focus centred on malware, stegomalware, and machine learning. The early keyword set (malware, ransomware, stegomalware, information hiding, machine learning) reflects a technically specific entry point rather than a gradual evolution. Without projects from earlier or later periods, it is not possible to determine whether this focus deepened, broadened, or shifted after 2022.

With only two projects both launched in 2019, the trajectory is unclear — but their pairing of deep malware analysis (SIMARGL) with broader threat prediction (PREVISION) suggests an interest in moving from reactive detection toward proactive security intelligence.

How they like to work

STICHTING CUING FOUNDATION exclusively participates as a consortium member and has never led an H2020 project, positioning them as a specialist contributor rather than a project driver. Despite their small size, they participated in consortia of notable breadth — 43 unique partners across 15 countries from just two projects, suggesting they are embedded in well-networked, multi-partner security research groups. This profile is typical of niche technical SMEs that are brought in for focused expertise rather than management capacity.

The organisation has collaborated with 43 unique partners across 15 countries — an unusually wide network for an entity with only two projects, indicating they joined large, pan-European consortia. No geographic concentration is evident from the available data.

What sets them apart

STICHTING CUING FOUNDATION occupies a narrow but high-value niche: stegomalware detection is a technically demanding area where very few European SMEs have demonstrated EU-funded research credentials. Their combination of information-hiding expertise and ML-based threat recognition makes them a credible specialist partner for cybersecurity consortia that need depth in covert-channel and obfuscated-malware topics. For a consortium coordinator building a Horizon Europe security proposal, they offer specific technical differentiation that larger, generalist security firms typically cannot provide.

Highlights from their portfolio

• SIMARGL
  The largest funded project (€456,250) and the only one explicitly targeting stegomalware — a rare research specialisation — combining malware recognition, information hiding, and machine learning in a single scope.
• PREVISION
  Broadens their profile beyond malware detection into predictive and visual security intelligence, showing versatility within the cybersecurity domain.