WISER · Project

Real-Time Cyber Risk Assessment Platform for Companies and Critical Infrastructure

digitalPilotedTRL 7

Imagine your company's IT systems are like a building with hundreds of doors and windows — and you have no idea which ones are unlocked right now. WISER built a service that continuously watches all those entry points, calculates how much danger you're actually in, and tells you which locks to fix first. It was tested in real financial services companies and energy providers, and comes in two flavors: a simple package for smaller businesses and a full managed service for complex operations like power grids or banks.

By the numbers

Early assessment pilots across multiple industries

Full-scale pilots in financial services and energy

Partners in the consortium

Countries represented

EUR 2,562,596

EU contribution to develop the platform

91%

Industry participation ratio in consortium

SMEs involved in the project

The business problem

What needed solving

Most companies know cyber threats are growing but struggle to measure their actual risk exposure in real time or figure out where to invest limited security budgets. Small and mid-sized businesses often lack the resources for dedicated cybersecurity teams, while critical infrastructure operators face complex threat landscapes that generic security tools cannot adequately assess. Without continuous risk monitoring, organizations are essentially flying blind — reacting to incidents instead of preventing them.

The solution

What was built

WISER built three core components: a real-time cyber risk assessment infrastructure with deployment guidelines, a cyber risk modelling tool for mapping and analyzing threats, and a monitoring infrastructure for continuous surveillance. These were packaged into two delivery modes — a pre-packaged solution for SMEs and a Risk Platform as a Service for complex critical infrastructure environments.

Audience

Who needs this

Chief Information Security Officers at mid-size banks and insurance companiesIT directors at energy companies and utility operators managing critical infrastructureCTO/IT managers at ICT-intensive SMEs handling sensitive customer dataCybersecurity insurance providers looking to model risk-based premiumsManaged Security Service Providers seeking to add risk assessment to their portfolio

Business applications

Who can put this to work

Financial Services & Insurance

enterprise

Target: Banks, insurance firms, and fintech companies

If you are a bank or insurance company dealing with growing cyber threats and regulatory pressure to demonstrate risk management — this project developed a Risk Platform as a Service (RPaaS) that continuously monitors your systems and models cyber risk in real time. It was validated in 3 full-scale pilots including in the financial services and insurance industry. The platform also supports innovative insurance premium models based on actual measured risk.

Energy & Utilities

enterprise

Target: Power grid operators, energy distributors, and utility companies

If you are an energy company responsible for critical infrastructure and worried about cyberattacks on operational systems — this project built and tested a monitoring and assessment platform specifically piloted in the energy field. With 9 early assessment pilots testing resilience across different industries, the platform identifies which risks matter most and helps you prioritize defenses for your most critical assets.

ICT Services & Digital Business

SME

Target: SMEs running digital services, e-commerce platforms, or SaaS providers

If you are an SME that handles customer data online but cannot afford a dedicated cybersecurity team — this project created a pre-packaged cyber risk management solution designed specifically for ICT-intensive SMEs. Instead of building expensive in-house capabilities, you get a ready-made tool that assesses your basic cyber risk posture and tells you where you are most exposed.

Frequently asked

Quick answers

How much would it cost to use this cyber risk platform?

The project developed two pricing approaches: a pre-packaged solution for basic needs (targeting SMEs) and a Risk Platform as a Service (RPaaS) for complex environments. Specific pricing is not disclosed in the project data, but the RPaaS business model was a key deliverable, suggesting commercial pricing structures were developed during the EUR 2,562,596 project.

Has this been tested at real companies at industrial scale?

Yes. WISER ran 9 early assessment pilots across multiple industries to test different risk management approaches, then conducted 3 full-scale pilots in the financial services/insurance industry and energy sector. The consortium of 11 partners across 8 countries, with 91% industry participation, ensured real-world validation.

Who owns the IP and can I license this technology?

The project was coordinated by Atos Spain SA, a major IT services company. With 10 industry partners in the consortium, IP arrangements were likely structured for commercial exploitation. Contact the coordinator for licensing terms and current availability.

Does this help with regulatory compliance like NIS Directive or GDPR?

The project explicitly built on the NIS Directive and other international cybersecurity initiatives. The risk management approach was designed to make cyber risk management an integral part of business practice, which directly supports compliance with EU cybersecurity regulations.

How quickly can this be deployed in my organization?

The pre-packaged SME solution was designed for faster deployment with basic cyber risk management capabilities. The RPaaS mode requires deeper integration with your ICT systems for monitoring. Based on available project data, the 3 full-scale pilots demonstrated deployment feasibility in complex environments.

Can this integrate with our existing security tools and IT systems?

WISER was built with on-demand service composition, meaning components can be assembled based on your specific needs. The monitoring infrastructure and assessment infrastructure were designed as modular components with documented deployment guidelines, as described in the deliverables.

Is there ongoing support or has the project ended?

The EU-funded project ran from June 2015 to November 2017 and is now closed. The project website cyberwiser.eu and the coordinator Atos Spain may offer continued commercial support or evolved versions of the platform. Contact them directly for current availability.

Consortium

Who built it

The WISER consortium is heavily industry-driven with 10 out of 11 partners from the private sector (91% industry ratio), which is exceptional for an EU project and signals strong commercial intent. Coordinated by Atos Spain — a global IT services leader — the partnership spans 8 countries (BE, ES, FI, FR, IT, NO, SI, UK) and includes 4 SMEs. With only 1 research organization and zero universities, this was clearly built to create a market-ready product, not publish papers. The diversity of countries also suggests the solution was designed for the European market broadly, not a single national context.

ATOS SPAIN SACoordinator · ES
STIFTELSEN SINTEFparticipant · NO
XLAB RAZVOJ PROGRAMSKE OPREME IN SVETOVANJE DOOparticipant · SI
ENERVALISparticipant · BE
AON SPA INSURANCE & REINSURANCE BROKERSparticipant · IT
TRUST-IT SERVICES LIMITEDparticipant · UK
ATOS IT SOLUTIONS AND SERVICES IBERIA SLthirdparty · ES
AON UK LIMITEDparticipant · UK

How to reach the team

Atos Spain SA is the coordinator — a large IT services company. Reach their cybersecurity division for current platform availability and commercial terms.

Order a report on this consortium See ATOS SPAIN SA profile →

Next steps

Talk to the team behind this work.

Want an introduction to the WISER team or a detailed brief on how this platform could fit your cybersecurity needs? Contact SciTransfer — we connect businesses with EU research teams.

Order a report on this topic More in Digital & ICT