CC-DRIVER · Project

Cybercrime Prevention Tools and Vulnerability Assessments for SMEs and Law Enforcement

digitalTestedTRL 5

ccdriver-h2020.com

Imagine a growing number of teenagers accidentally sliding into cybercrime because they have the tech skills but not the guardrails. CC-DRIVER studied why people — especially young people — become cybercriminals and what makes "crime-as-a-service" markets tick. They built self-assessment tools so companies can check how exposed they are to cyberattacks, and gave law enforcement better ways to investigate and shut down cybercrime operations. Think of it as both a prevention program and a diagnostic kit rolled into one.

By the numbers

consortium partners across disciplines

countries represented in the research

EUR 4,997,630

EU research investment

SMEs in the consortium

project deliverables produced

36%

industry partner ratio in consortium

The business problem

What needed solving

Cybercrime is growing faster than most companies can defend against it, and the human side — why people commit cybercrime and how organizations unknowingly leave themselves exposed — is poorly understood. SMEs especially lack the resources to assess their own vulnerability beyond basic IT security checklists, while law enforcement agencies need better tools to investigate rapidly evolving "crime-as-a-service" operations.

The solution

What was built

The project produced a youth self-assessment online metric tool for understanding cybercriminal behaviour, a self-assessment questionnaire for SMEs to gauge their cybercrime vulnerability, investigation and mitigation tools for law enforcement, policy templates for combatting cybercriminality, and a demonstration-level toolkit for policymakers validated with stakeholder feedback.

Audience

Who needs this

Cybersecurity consulting firms serving SME clientsEdTech companies building digital citizenship and online safety platformsLaw enforcement technology vendors providing investigation toolsInsurance companies underwriting cyber risk policiesYouth organizations and schools running digital awareness programs

Business applications

Who can put this to work

Cybersecurity Services

SME

Target: Managed security service providers and cybersecurity consultancies

If you are a cybersecurity consultancy helping SMEs defend against attacks — this project developed a self-assessment questionnaire that lets organizations evaluate their vulnerability to cybercrime. With 14 partners across 10 countries contributing research, the tool draws on criminological and psychological insights that go beyond standard technical audits. You could integrate this into your client onboarding to identify human-factor risks that firewalls miss.

EdTech and Youth Services

any

Target: Companies building digital citizenship or cyber-awareness training platforms

If you are an education technology company developing online safety curricula — CC-DRIVER produced a youth self-assessment metric tool designed to help young people understand risky online behaviour and redirect toward positive pathways. This evidence-based tool, developed with input from psychologists, criminologists and neurobiology researchers, could be licensed or adapted into your existing training products for schools and youth organizations.

Law Enforcement Technology

mid-size

Target: Companies providing digital forensics and investigation platforms to police forces

If you are a law enforcement technology vendor struggling to keep up with evolving cybercrime tactics — this project built investigation and mitigation tools specifically for LEAs, plus a policymaker toolkit validated through stakeholder feedback. With 6 SMEs in the consortium and a EUR 4,997,630 research budget, the outputs are designed for operational use across European police agencies.

Frequently asked

Quick answers

What would it cost to access or license these cybercrime assessment tools?

The project was publicly funded with EUR 4,997,630 under Horizon 2020 as a Research and Innovation Action. The policymaker toolkit deliverable is marked confidential (CO), so licensing terms would need to be negotiated directly with the coordinator, Trilateral Research Ltd. Some outputs may be freely available through the project website.

Can these tools scale to serve thousands of SMEs across Europe?

The self-assessment questionnaire was specifically designed for SMEs and civil society organizations to evaluate their cybercrime vulnerability. The consortium spanned 10 countries with 14 partners, suggesting the tools were developed with cross-border applicability in mind. Scaling would depend on the digital platform hosting the assessment.

Who owns the intellectual property for these tools?

As a Horizon 2020 RIA project, IP typically stays with the consortium partners who created each deliverable. Trilateral Research Ltd coordinated the project and is an SME, so they likely hold key IP rights. Specific licensing arrangements would need to be discussed with the coordinator.

Are these tools compliant with EU data protection regulations?

The project operated under Horizon 2020 ethical guidelines and involved partners from 10 EU/associated countries. Given the sensitive nature of cybercrime data and the involvement of youth subjects, GDPR compliance would have been a core requirement. Based on available project data, specific compliance certifications are not detailed in the objective.

How long before these outputs could be deployed in our organization?

The project closed in April 2023, so the tools are already developed. The policymaker toolkit was delivered at month 34 with stakeholder feedback incorporated. Integration timelines would depend on your specific use case and any customization needed for your sector or jurisdiction.

Can these tools integrate with existing cybersecurity infrastructure?

The self-assessment questionnaire and youth metric tool are standalone instruments that could complement existing security systems. The LEA investigation tools were built for law enforcement workflows. Based on available project data, specific API or integration specifications are not described in the objective.

Consortium

Who built it

The CC-DRIVER consortium is unusually diverse for a cybersecurity project, combining 14 partners from 10 countries with 5 industry players, 3 universities, 2 research organizations and 4 other entities. With 6 SMEs making up a 36% industry ratio, the project had strong commercial awareness alongside its research mission. The coordinator, Trilateral Research Ltd, is itself an SME — which typically means faster decision-making and more interest in commercializing results than a university-led project. The multidisciplinary mix (psychology, criminology, anthropology, neurobiology) means the outputs go beyond purely technical cybersecurity solutions to address the human factors that most tools ignore.

TRILATERAL RESEARCH LTDCoordinator · UK
HOCHSCHULE FUR DEN OFFENTLICHEN DIENST IN BAYERNparticipant · DE
UNIVERSITE DE LAUSANNEparticipant · CH
TRILATERAL RESEARCH LIMITEDthirdparty · IE
PRIVANOVA SASparticipant · FR
SOFTWARE IMAGINATION AND VISION SRLparticipant · RO
IDRYMA TECHNOLOGIAS KAI EREVNASparticipant · EL
AYUNTAMIENTO DE VALENCIAparticipant · ES
Ministerio da Justicaparticipant · PT
KENTRO MELETON ASFALEIASparticipant · EL
UNIVERSITY OF EAST LONDONparticipant · UK
WITHSECURE OYJparticipant · FI
HELLENIC POLICEparticipant · EL

How to reach the team

Trilateral Research Ltd (UK) — an SME specializing in research and advisory services. Contact through their company website or the CORDIS portal contact form.

Order a report on this consortium See TRILATERAL RESEARCH LTD profile →

Next steps

Talk to the team behind this work.

Want an introduction to the CC-DRIVER team to discuss licensing their cybercrime assessment tools? SciTransfer can arrange a direct meeting with the right people.

Order a report on this topic More in Digital & ICT