C3ISP · Project

Secure Cyber Threat Sharing Platform That Keeps Your Data Confidential

digitalPilotedTRL 7

Imagine you spot a burglar casing your street, but you can't warn your neighbors without revealing your own alarm code. That's the problem companies face with cyber threats — they want to share intelligence but can't risk exposing their own sensitive data. C3ISP built a platform that lets organizations pool and analyze threat information together while encryption and smart access rules keep everyone's secrets safe. Four real-world pilots proved it works for enterprises, internet providers, government cyber teams, and small businesses alike.

By the numbers

Real-world pilots validated (Enterprise, ISP, CERT, SME)

Consortium partners across the project

Countries represented in consortium (DE, FR, IT, PL, UK)

Total project deliverables produced

SMEs participating in the consortium

The business problem

What needed solving

Companies face a painful dilemma: sharing cyber threat intelligence with peers and authorities would dramatically improve everyone's defenses, but doing so risks exposing sensitive internal data, proprietary systems, and potentially violating data protection laws. Without a way to collaborate confidentially, organizations fight cyber threats in isolation — missing patterns that only become visible when data from multiple sources is combined.

The solution

What was built

C3ISP built a complete platform for confidential cyber threat information sharing and analysis, including: data sharing agreement management (from plain-language rules to automated enforcement), privacy-preserving analytics using encryption and anonymization techniques, and a multi-domain collaborative environment. The platform was validated through 4 dedicated pilots for enterprises, ISPs, CERTs, and SMEs, with 24 deliverables documenting the full development cycle.

Audience

Who needs this

Managed Security Service Providers (MSSPs) serving multiple clients who need cross-client threat intelligenceInternet Service Providers required to share threat data with national authoritiesGovernment and national CERTs coordinating incident response across sectorsIndustry associations and ISACs (Information Sharing and Analysis Centers) managing collective cyber defenseSMEs seeking affordable managed security services with shared threat intelligence

Business applications

Who can put this to work

Managed Security Services

mid-size

Target: Managed Security Service Providers (MSSPs) serving multiple clients

If you are an MSSP managing cyber defenses for dozens of clients — this project developed a platform that lets you aggregate and analyze threat data across all your clients without any single client's confidential data being exposed to others. The system uses encryption techniques that allow analytics directly on encrypted data, so you can detect cross-client attack patterns while maintaining strict data separation. Validated through 4 dedicated pilots including one specifically for enterprise security environments.

Internet Service Providers

enterprise

Target: ISPs and telecom operators handling network traffic

If you are an ISP dealing with rising volumes of network threats and regulatory pressure to share incident data — this project built and tested a dedicated ISP pilot that enables confidential sharing of threat intelligence with industry peers and national CERTs. Data sharing agreements go from plain-language descriptions to automatically enforced policies, cutting the legal overhead of cross-organization collaboration. The platform was validated with 12 consortium partners across 5 countries.

SME Cybersecurity

SME

Target: Small and medium enterprises without dedicated security teams

If you are an SME that cannot afford a full security operations center but still faces sophisticated cyber attacks — this project ran a dedicated SME pilot for managed cyber protection services. The platform pools threat intelligence from multiple sources and delivers actionable alerts, giving small companies access to the same quality of threat detection that large enterprises have. The compliance-by-design approach means regulatory requirements are built into the data sharing rules from the start.

Frequently asked

Quick answers

What would it cost to adopt this technology?

The project data does not include pricing or licensing fee information. As a publicly funded Innovation Action, the core platform components may be available for licensing from consortium partners. Contact the coordinator for commercial terms.

Can this scale to handle enterprise-level threat data volumes?

The platform was tested across 4 separate pilots — enterprise, ISP, CERT, and SME environments — with 12 partners in 5 countries contributing. The architecture supports multi-domain environments with flexible data sharing agreements, suggesting it was designed for cross-organizational scale.

What is the IP and licensing situation?

The project was funded as an Innovation Action (IA) under Horizon 2020, which typically allows consortium partners to retain IP on their contributions. With 7 industry partners and 4 SMEs in the consortium, commercial exploitation was clearly planned. Specific licensing terms should be discussed with the coordinator, CONSIGLIO NAZIONALE DELLE RICERCHE.

How does this handle data protection regulations like GDPR?

C3ISP took a compliance-by-design approach, incorporating regulatory requirements directly into data sharing agreements from the start. The platform supports techniques from anonymization to homomorphic encryption (computing on encrypted data), giving organizations control over how their shared information is protected.

How long would integration take?

Based on available project data, the platform went through multiple maturation cycles with component integration documented in dedicated deliverables. The 4 pilot implementations suggest integration paths exist for enterprise, ISP, CERT, and SME environments. Exact timelines would depend on your specific infrastructure.

Is this still supported after the project ended in 2019?

The project closed in September 2019. With 7 industry partners and 4 SMEs involved, some components may have been commercialized or integrated into existing products. Check the project website at c3isp.eu and contact consortium members for current availability.

Consortium

Who built it

The C3ISP consortium of 12 partners across 5 countries (Germany, France, Italy, Poland, UK) is heavily tilted toward industry with a 58% industry ratio — 7 industry players and 4 SMEs alongside 4 research institutions and 1 university. This composition signals serious commercial intent rather than pure research. Coordinated by Italy's National Research Council (CNR), the mix of established companies and SMEs suggests the technology was built with real market needs in mind, with SMEs both developing and validating the platform as end users through the dedicated SME pilot.

CONSIGLIO NAZIONALE DELLE RICERCHECoordinator · IT
GRIDPOCKET SASthirdparty · FR
COMMISSARIAT A L ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVESparticipant · FR
SAP SEparticipant · DE
CHINO SRLparticipant · IT
GRIDPOCKET SYSTEMS SPOLKA AKCYJNAparticipant · PL
HEWLETT PACKARD ITALIANA SRLparticipant · IT
UNIVERSITY OF KENTparticipant · UK
BRITISH TELECOMMUNICATIONS PLCparticipant · UK
DIREZIONE GENERALE PER LE TECNOLOGIE DELLE COMUNICAZIONI E LA SICUREZZA INFORMATICA - ISTITUTO SUPERIORE DELLE COMUNICAZIONI E DELLE TECNOLOGIE DELL'INFORMAZIONEparticipant · IT
DIGITAL CATAPULTparticipant · UK

How to reach the team

CONSIGLIO NAZIONALE DELLE RICERCHE (CNR), Italy — reach out to their cybersecurity or technology transfer department for licensing and partnership inquiries.

Order a report on this consortium See CONSIGLIO NAZIONALE DELLE RICERCHE profile →

Next steps

Talk to the team behind this work.

Want to connect with the C3ISP team for licensing or integration? SciTransfer can arrange an introduction and help you evaluate fit for your organization.

Order a report on this topic More in Digital & ICT