International Workshop on Security and Privacy for SMEs (SME-SP 2021)
to be held in conjunction with the 16th International Conference on Availability, Reliability and Security
(ARES 2021 – http://www.ares-conference.eu)
August 17 – August 20, 2021

At scale, the value and sensitivity of data are significantly increasing, SMEs&MEs (Small, Medium, and Micro Enterprises) are identified as more vulnerable than larger enterprises because they are less prepared to confront cyber-related attacks. Most SMEs&MEs lack sufficient awareness and can only allocate limited resources – both technical and human – to counter security, privacy and data protection risks. Hence, they are an easier target (e.g., of denial-of-service, MitM, phishing attacks – just to name a few of the common ones) compared to large organizations.

The main challenge being addressed by this SME-SP workshop is to assess SMEs&MEs’ risks, vulnerabilities or exposure to attacks holistically and improve their capabilities to reduce and efficiently manage issues arising from cybersecurity and data protection aspects. Each SME&ME has very limited knowledge of its own security, privacy, and data protection vulnerabilities. Knowledge and understanding of the risks of similar SMEs&MEs or the entire community and the preparedness for addressing these risks are currently low. This lack implies an ambiguity of the SMEs&MEs to understand their safety in relation to cyber threats, i.e., whether there is any need for action, and what it should do to avoid or mitigate risks.

The SME-SP Workshop aims to bring together academics, CERTs, and industrials, including owners of SMEs&MEs to discuss ideas, approaches, models, and tools to help SME&MEs in Europe to manage their cyber-risks considering their specificities, scale, and business-related constraints.

TOPICS OF INTEREST INCLUDE, BUT ARE NOT LIMITED TO
Continuous risk management.
Smart vulnerability scanning and threat identification.
Advanced Intrusion and Prevention Detection techniques.
Smart testing techniques for cybersecurity and privacy.
Advanced monitoring techniques for cybersecurity and privacy.
Root cause analysis and reaction strategies.
ML/AI-based SIEM.
ML/AI-based cybersecurity.
Honeypots and darknets.
Cyber Threat Intelligence.
Blockchain-based cybersecurity and privacy techniques.
Correlation between physical and cyberthreats.
Training, cyber ranges exercises, raising awareness approaches and tools for SMEs&MEs.
Semi-/fully automatic mitigation and reaction.
Resilience techniques.
Cost and impact of countermeasures.
Prevention and protection in distributed systems and networks.
Prevention and protection in edge and mobile systems.
Innovative cybersecurity methods for cloud, edge, fog, IoT, CPS, 4G/5G, and SDN/NFV environments.
Mobile security/privacy policies.
Mobile protocols and protocol security.
Securing private data on mobile devices or smartphones.
Managing BYOD in SMEs.
Human factors in security and privacy
Usable security and privacy
Security and privacy awareness
Security communication and behaviour.
Cybersecurity culture in SMEs&MEs.

IMPORTANT DATES
Submission Deadline April 30th, 2021
Author Notification May 24th, 2021
Proceedings Version June 13, 2021
ARES EU Symposium August 17, 2021
All-Digital Conference August 17 – August 20, 2021

EU PROJECTS SUPPORTING THE WORKSHOP
H2020 GEIGER (https://project.cyber-geiger.eu/)
H2020 PUZZLE (https://puzzle-h2020.com/)
H2020 TRAPEZE (https://trapeze-project.eu/)

PROGRAM CO-CHAIRS / WORKSHOP CO-CHAIRS
Wissam Mallouli, Montimage, France, wissam.mallouli@montimage.com
Dr. Samuel Fricker, University of Applied Sciences Northwestern Switzerland, Switzerland, samuel.fricker@fhnw.ch
Sophia Karagiorgou, UBITECH LTD, Cyprus, skaragiorgou@ubitech.eu
Edgardo Montes de Oca, France, edgardo.montesdeoca@montimage.com

PROGRAM COMMITTEE
Petra Asprion, University of Applied Sciences and Arts Northwestern Switzerland (FHNW), Switzerland
Stelian Brad, Cluj IT, Romania
Amedeo D’Arcangelo, Kaspersky, Italy
Jose Francisco Ruiz, Atos, Spain
Giannis Giakoumakis, Idryma Technologias Kai Erevnas, Greece
Athanassios Giannetsos, Danmarks Tekniske Universitet, Denmark
Martin Gwerder, FHNW, Switzerland
Ioannis Konstantinou, ICCS, Greece
Sotiris Koussouris, Suite5, Cyprus
Konstantinos Lampropoulos, University of Patras, Greece
Petros Petrou, UBITECH LTD, Cyprus
Bernd Remmele, Pädagogische Hochschule Freiburg, Germany
Marco Spruit, Leiden University Medical Center (LMUC) and Leiden University, The Netherlands
Christos Tselios, Citrix Systems Inc, Patras, Greece
Alexander Vasylchenko, Tenforce

SUBMISSION GUIDELINES
The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at https://www.ares-conference.eu/conference/submission/.