2024 Funded Projects

Project Description

This project addresses the challenge of attribution due to an escalating number of threats in digital systems. Cyber-attacks pose significant risks to nations, organizations, and individuals, with a growing number of incidents reported globally. Identifying and assigning responsibility for cyber-attacks remains a critical challenge. Without accurate attribution, responding to attacks and holding perpetrators accountable is difficult. This project develops efficient methods for cyber threat attribution, which will benefit government, law enforcement, and private organizations involved in cybersecurity.

This project seeks to contribute to the broader cybersecurity community by creating a curated Indicators of Compromise (IoCs) dataset. This dataset will offer valuable insights and solutions to enhance cyber defense strategies. Using a next-generation honeynet-based data collection environment, the project will explore techniques for creating simulated environments, which will further fostering innovation in cybersecurity.

This project’s significance lies in its ability to address the pressing issue of cyber-attacks by improved attribution methods and the provision of valuable resources for the cybersecurity community. Its objectives include enhancing response capabilities, fostering innovation, and ultimately bolstering defenses against cyber threats.

Project Description

Canada’s economy and security is highly exposed to vulnerabilities in marine systems. Given the sector’s importance in both global trade (over 80% of trade is carried by sea), and in defense, not to mention its increasing exposure to fragile ecosystems such as the Northwest Passage, it is imperative that the floating towns/data centers that modern ships are becoming be protected from cyberattack. Cyberattack on a cargo ship in a narrow trade lane, or on a tanker in an ecologically-sensitive area, or on a naval support vessel supporting Canadian combatants, could have devastating consequences. Preventing such attacks will require a willingness to redesign and rebuild the most fundamental points of connection among marine systems.

This project investigates the fundamental constraints, limitations and requirements around critical control systems in the marine environment and design resilient, secure protocols and platforms for future marine systems. This project designs open protocols and hardened platforms, designed from the ground up for security, resilience and transparency, allowing seafarers to effectively understand and control their systems, detect anomalies and respond to cyberattack.

Project Description

Protexxa’s cybersecurity platform, Defender, addresses cyber issues caused by employees and makes cybersecurity more accessible. Protexxa suite of solutions combining AI, gamification, and provides a better understanding of behavioural patterns.

Companies currently lack personalized cybersecurity solutions that can identify technology misuse and understand the impact of user experiences on behaviour. Traditional platforms use generic training or phishing exercises, resulting in a poor correlation between human assessment and actual threats.

This project connects personalized cybersecurity with organizational and community protection, by developing an all-in-one platform that aggregates capabilities and personalizes cybersecurity assessment, awareness, and protections.

Protexxa will deploy advanced AI and ML to predict vulnerabilities, improve cyber hygiene, and enhance user protection. Collaborations with TMU, Mila, and Felixa gaming will address the lack of datasets on user behaviour, enabling the design of future digital interactions and interfaces that improve behavioural patterns.

Project Description

Cryptographic algorithms form the basis of security in today’s digital world, underpinning virtually all online interactions. Current cryptographic infrastructure relies on classically ‘hard’ mathematical problems that can be efficiently solved using a quantum computer. Given the rapid progress in quantum technologies, there is an urgent need to develop cryptographic solutions that remain secure against quantum-enabled attackers.

Quantum Key Distribution (QKD) and Post-Quantum Cryptographic (PQC) algorithms provide two categories of cryptographic solutions that remain secure in the presence of a quantum attacker. QKD offers an elegant information-theoretic option, but it has traditionally faced feasibility challenges that have stymied widespread adoption. Quantized Technologies Inc. (QTi) is developing a hybrid solution that combines PQC with patent-pending next-gen QKD, which overcomes these feasibility challenges. The key issue of authentication, and the optimization of key consumption during authentication is addressed. QTi’s hybrid architecture represents a leap forward in practical post-quantum technology for securing networks in the quantum era.

Project Description

Climate change presents an unprecedented global challenge that demands immediate action from everyone. Incentivizing individuals and corporations through credit systems, such as greenhouse gas offset credits for emission reduction and renewable energy tracking and credit systems, represents one of the most effective strategies for encouraging broader participation in sustainable ‘green’ behavior. Existing blockchain-based Green Credit Management Systems (GCMSs) aim to democratize green credit management by tokenizing credits and providing a transparent financial and trading infrastructure that allows everyone to purchase and exchange credits without intermediaries, relying solely on trusted smart contracts.

However, GCMSs are also attractive targets for attacks, fraud, and misuse. This project will:
(i) Analyze and investigate emerging threats, risks, insecurities, misuse, and fraud within an integrated blockchain-based GCMS ecosystem.
(ii) Develop essential technologies and expertise to enhance the trustworthiness, security, decentralization, and interoperability of GCMSs.
(iii) Identify social and legal requirements for secure green credit systems, and address adoption barriers related to trust, security, privacy, and cost.

A real-life prototype use case guides the research questions and demonstrates and evaluates the technologies.

Project Description

This project addresses the critical need for secure data storage in the cloud, which is especially pertinent given the widespread reliance on cloud services by businesses. This project overcomes the challenges of traditional encryption methods that may compromise data privacy. The goal is to design advanced data systems that address these concerns by enabling secure storage, efficient yet secure search capabilities, and protection against new forms of threats like access pattern attacks. Significantly, this work is relevant in the context of emerging technologies like Large Language Models (LLMs), which require sophisticated data storage solutions. The secure retrieval of data supported by LLMs is destined to become increasingly significant in the foreseeable future. By doing so, this project unlocks the economic benefits of cloud storage while safeguarding privacy. The outcomes include innovative data system designs, stronger industry partnerships, and significant cost savings for Canadian businesses. Ultimately, this project marks a pivotal step forward in data security and efficiency in the cloud era, bringing Canada’s position in cybersecurity and privacy research to the forefront.

Project Description

Large Language Models (LLMs) are becoming increasingly important in Canadian organizations, especially in education, reshaping learning for children and youth. Outside schools, children interact with LLM-based applications, like games and AI characters, posing significant privacy risks due to potential sharing of their personal information. The lack of specific Canadian children privacy regulations exacerbates the issue, leaving children’s privacy vulnerable to exploitation by malicious actors. This project considers Canadian regulations such as PIPEDA, CPPA, and international best practices such as COPPA with the help of domain experts to identify applicable regulations for protecting children’s privacy in LLM-based applications.

This project introduces a new privacy-preserving software framework, integrating regulations into executable codes within LLM platforms using blockchain and smart contracts. This ensures active enforcement of children’s privacy regulations in real-time interactions. The framework integrates transparent consent mechanisms, enhances parental control, and automatically detects data breaches/misuse. At its core is a monitoring tool that tracks data operations in real-time, ensuring accountability and transparency. Integrated with a secure distributed file system and blockchain, the tool enables parents and trusted authorities such as OPC to regulate data access, thereby improving online safety for children.

Project Description

Microgrids (MGs) have seen significant investments in modernization and renewables so enhancing the security and resilience of MGs is crucial. This project addresses their major operational issues, including susceptibility to cyber-physical attacks, and improving survivability and recovery following successful attacks. A co-simulation cyber-physical testbed is developed to generate key IT/OT data. Possible attack surfaces and vulnerabilities of MGs are identified, and their associated risks and impacts are investigated. To enhance the survivability of MGs, this project develops optimization-based frameworks for both the planning and operation phases. Attack detection and mitigation tools are then developed to counter threats. Finally, an optimization-based framework is developed, based on the security and operation constraints, to successfully recover from cyber-attacks. These envisioned designs, algorithms, and tools will enhance the quality of energy delivery, significantly reducing the risk of blackouts and brownouts. Moreover, MGs are ideal for electrifying over 170 remote communities in Canada, provided these systems are secure and resilient.

Project Description

The metaverse will see real and virtual worlds come together, allowing individuals to socialize, play, work, transact, and visit healthcare professionals in the comfort of their homes without time, mobility, or space constraints. While the metaverse can revolutionize numerous domains, it faces severe challenges with user privacy, cybersecurity, and identity management. This project brings together experts with complementary expertise in AI, metaverse, identity management, and decentralized technologies, as well as several Canadian companies invested in the metaverse, to explore an early-stage idea of developing new access control and authentication methods based on data collected from sensors embedded in immersive reality headsets.

Leveraging expertise in edge computing and blockchain technologies, user privacy is preserved while making the metaverse safer for everyone. Real-world data is collected to help advance developments in metaverse security. The developed solutions are tested on the metaverse platform of the different partners, spanning applications in VR-based socialization, mental healthcare, dementia care, hyper-realistic human digital twin generation, and AR-based chronic disease management.

Project Description

This project develops a novel system that fully automates the discovery and repair of vulnerabilities in large-scale codebases such as those of Linux or Firefox. By integrating advanced technologies from multiple fields including static and dynamic program analysis, program synthesis, and machine learning, particularly Large Language Models like GPT-4, the system identifies and fixes coding vulnerabilities without human intervention. Initially focusing on C/C++ and memory safety issues, other programming languages and types of vulnerabilities will be investigated as well.

The project outcomes include a fully automated software framework capable of integrating various vulnerability detection and repair tools, and the development of new methods for the integration of such tools as well as automated vulnerability management. The project creates a robust system that not only addresses current gaps in security practices but also sets the stage for future innovations in automated cybersecurity solutions.

Our project will significantly boost the security of vital software, reduce the risk of security breaches and data theft, thereby protecting organizations and their users. Additionally, this project will contribute to advancements in machine learning applications in cybersecurity and provide valuable opportunities for education and training.

Project Description

Significant research on sharing data in large networks that mitigates user privacy concerns has largely focused on the properties of individual data points, or simple relationships between those individual points. This is insufficient, as recent advances in graph mining permits learning complex and intricate relationships between entities within these large data sets. Thus, users cannot know whether nefarious actors can infer data about them and their relationships from these larger graphs.

This system will enable privacy at the level of relationships, and users can themselves describe which relationships they wish to keep private. The system would then model these requirements and capture the interdependence between the individual data points and the relationships in their broader neighbourhood and across the entire network. These models will then be leveraged to prevent relationships users consider sensitive from being leaked. The research opens pathways to building privacy solutions that consider complex interrelationships from a privacy perspective.

Project Description

Digital privacy and legal compliance pose increasing challenges, so this project proposes a groundbreaking solution: leveraging secure multiparty computation (MPC) technology to empower organizations to address intricate legal obligations. Secure MPC enables multiple parties to perform collaborative computations over their joint inputs while preserving privacy. This interdisciplinary initiative merges expertise in cryptography, law, and business, and aims to democratize this potent yet underutilized technology for practical, real-world use.

This project bridges the gap between stringent data privacy laws and operational efficiency by building MPC tools and crafting innovative legal theories. This endeavour promises to streamline regulatory compliance across jurisdictions, bolstering the security and productivity of the Canadian economy and positioning Canada as a global leader in privacy-preserving technologies. Our objectives encompass identifying pivotal scenarios where MPC can resolve legal quandaries, designing efficient MPC protocols, and furnishing a comprehensive toolkit for seamless organizational integration. This endeavour is poised to revolutionize how businesses uphold legal and privacy standards, fostering innovation while safeguarding individual rights in the digital sphere.

Project Description

This project provides a comprehensive and current understanding of the role, influence and impact of human factors on the cybersecurity of democratic elections in Canada. Cyber threats include threats to election infrastructure, voters, and parties; the creation of misinformation, disinformation, and deepfakes, and their spread through social media platforms.

Research is rooted in the rule of law, and based upon robust, evidence-based, technologically-informed, transdisciplinary, and human-centered methods. Critical to the project is the analysis of evidence from the ongoing Canadian Foreign Interference Commission. The project aims to utilize its knowledge of human factors to improve human responses to cyber threats and to develop a technological concept or application to help protect against attacks on human epistemic cognition, democratic deliberation and voting decisions by empowering and incentivizing individual electors to access and properly evaluate information relevant to elections.

Project Description

This project develops an Adaptive Decision Defense System (ADDS) to bolster the cybersecurity of Critical Infrastructures (CI) against sophisticated and evolving threats. At its core, ADDS utilizes cutting-edge artificial intelligence (AI) and behavioral analytics to identify and neutralize Dual Denial of Decision (DDoD) attacks. These attacks target the crucial decision-making junctures of infrastructural systems and are a significant risk to the continuity and reliability of services critical to our daily lives, including electricity and transportation.

Through a synergistic Human-AI collaboration, ADDS enhances decision-making processes and streamlines incident responses, even under severe pressure. The project delivers several key advancements, including the establishment of a comprehensive security framework to significantly reduce false alarms, strengthen defenses against complex adversarial strategies, and incorporate adaptive mechanisms for ongoing threat assessment and response. By prioritizing the human element within cyber defense and fostering a dynamic, learning-oriented approach to cybersecurity, ADDS aims to substantially increase overall security of CI, safeguarding the foundation of modern society against cyberattacks.

Project Description

The increasing integration of Operational Technology (OT) networks of industrial control systems (ICSs) with the public Internet has exposed critical OT communications to remote adversaries. Preliminary research produced ICS-Sniper, the first known encrypted traffic analysis-based targeted blackhole attack on Internet-connected OT networks. This attack showcases how remote adversaries can disrupt operations without infiltrating the ICSs while bypassing state-of-the-art detectors. The attack was demonstrated on an in-house testbed simulating a multi-stage distributed water treatment plant, equipped with state-of-the-art security measures. Building on these findings, investigate this new threat and build defense strategies for ICSs.

On the offensive front, this project explores ICS-Sniper’s adaptability and scalability across diverse OT network configurations and communication protocols. Defensively, this project develops robust countermeasures against ICS-Sniper, incorporating attack detection and mitigation techniques, while adhering to the operational constraints of both legacy and future ICSs. This project also builds a configurable physical testbed to evaluate these offensive and defensive strategies.

Project Description

Machine learning models memorize privacy-sensitive information about the data used to train them. Once these models are deployed, this privacy-sensitive information might leak, causing economic loss and violating the privacy rights of data providers. Existing research efforts towards auditing the privacy leakage of machine learning models critically rely on the assumption that data samples used to build the model are statistically independent of each other. Recent research has shown that, when this assumption does not hold, as it is common in practice, existing tools overestimate privacy, which can have dire consequences in practice.

This project bridges this gap by extending theoretical analyses and empirical studies of privacy-preserving machine learning to the realistic case of non-independent training samples. The project: 1) develops datasets, statistical models, and synthetic data generators that exhibit realistic non-independent behavior; 2) adapts existing theoretical notions of privacy to this setting; 3) develops empirical auditing tools to quantify the privacy of machine learning models in these realistic settings; 4) designs defenses to limit this leakage; and 5) consults external partners to explore real-world applications of the research.

Project Description

Ransomware attacks are on the rise and pose a serious threat to organizations/individuals. Detecting these attacks early is challenging due to their stealthy nature. This project develops an early detection method for ransomware using machine learning, behavioral analysis, and heuristic algorithms to enhance cybersecurity solutions. The outcomes of this research project will aid Canadian organizations in mitigating the significant impact (economical/social) caused by these attacks.

This project addresses smart metering data privacy issues by developing a zero-trust privacy-enhancing platform offering in-transit, at-rest, and in-use end-to-end security and privacy. The technology developed: (i) enables securely collecting energy consumption data from smart metering using a PET-suite; (ii) secures storage of metering data controlled by the customers; (iii) enables the electricity utility provider (EUP) to smart grid operational related tasks on metering data without learning individual customers’ data; (iv) provides a dashboard with customers’ metering data analytics services while providing privacy; and (v) provides robustness in terms of performance, scalability, and security that are necessary to support privacy-enhancing innovation in AMI.

The key technical innovations include software packages, technical research publications, and potentially new commercialization opportunities. The platform enables residential and commercial customers to manage and share their metering data, while assuring data protection compliance, thus enabling both trust and the creation of valuable new insights from shared data.

Project Description

The Adaptive AI Firewall (AAF) project fortifies the AI systems that are becoming crucial to our daily lives and national infrastructure against cyberattacks. These include autonomous self-driving vehicles, real-time control systems, and mission critical systems. Traditional security measures are proving inadequate because they cannot evolve to counter new, unknown attacks; and the complexity of AI systems such as large language models make them impossible to secure using traditional application security methods. AAF is a smart, learning firewall designed to adapt and respond to threats as they evolve. Imagine a guardian that learns from every attack, becoming smarter and stronger over time, ensuring our AI systems are always protected from malicious input.

By focusing on continuous adaptation and smaller security focused AI models, the AAF project aims to revolutionize how we protect critical AI infrastructure, making it resilient against both today’s and tomorrow’s cyber threats. This project is not just about safeguarding technology; it is about ensuring the safety, reliability, and trustworthiness of the services that keep our society running.

Project Description

Social engineering attacks (i.e. attacks against people, leveraging their psychological tendencies) are on the rise and something must be done. This project investigates the most basic form of defense against social engineering attacks – the education of the potential victims. Social engineering attacks are the most common type of attack and the most successful. This project produces practical and useful educational tools, in the form of “serious” learning games that make a measurable difference. The key to this approach is to use peer-based, interactive and collaborative learning, which makes online learning “live”, rather than being difficult and passive asynchronous learning material that people do not want to use.

Given that children are a principal target of many of these attacks (e.g. sextortion, fake abduction, fake kidnapping), the project includes measurement of educational effectiveness for the vulnerable secondary school demographic. For this, this project leverages uOttawa’s unique advantage of also being an accredited Ontario high school and are partnering with the RCMP to make a real difference in the safety of Canadians.

Project Description

Unmanned Aerial Vehicles (UAVs) have become increasingly common and are transforming various sectors such as delivery services, infrastructure monitoring, and healthcare. Unfortunately, security remains a significant concern, especially in critical missions like search and rescue or surveillance.

This project addresses this gap by focusing on the security of networks of UAVs in critical environments. The project’s objectives are: 1. Model-Based Attack Detection and Identification: develop algorithms to detect denial-of-service attacks within drone networks, considering the attacker’s capabilities and strategies. 2. Data-Driven Attack Intention Detection: using data-driven techniques to infer attackers’ intentions, understand their objectives and develop effective defense mechanisms. 3. Attack Mitigation Techniques: maintain safe drone operation during attacks. 4. Security-Performance Trade-off Analysis: evaluate the trade-offs between security and performance.

These objectives are achieved by combining modelling, learning-based approaches, and experimentation in simulation and laboratory settings. By addressing these challenges, the project will enhance the security and reliability of UAV networks in critical missions, ensuring their effectiveness in real-world scenarios.

Project Description

Simulation research prior to the deployment of industrial control systems (ICS) is crucial to identify and mitigate cybersecurity vulnerabilities. This proactive measure is of great value, as it protects critical infrastructure from potential cyber threats that could have disastrous consequences for security, the environment and the economy. Current shortcomings include difficulty in accurately simulating complex and unique ICS environments and the challenge of keeping pace with technical advances. In addition, cooperation between ICS operators, ICS integrators and cybersecurity researchers needs to be strengthened. The outcome of this research project will provide a global roadmap for vulnerability remediation, which will strengthen ICS protection against cyberattacks and contribute to a better understanding and development of cybersecurity best practices within the industry. Ultimately, this research will contribute to developing more comprehensive standards and greater awareness of cybersecurity, resulting in more robust industrial systems.

Project Description

In the current tense geopolitical world, foreign governments and state-sponsored actors are increasingly using cyber influence operations on social media to spread disinformation, often with the aim of gaining geopolitical, economic, military, and strategic advantages. Their ability to inflict substantial disruption on democratic societies and governments are understood. With the recent advancements in AI and the development of powerful content generation and amplification capabilities, the sophistication, scope, and scale of cyber influence operations will further increase, making current detection tools ineffective. This project tackles this challenge by developing innovative and robust solutions for detecting cyber influence operations. The approach relies not only on analyzing social media content, but also user behaviors using the latest AI and network analysis technologies. These solutions will equip social media platforms as well as end-users with effective tools to identify influence campaigns and mitigate their effects, thereby contributing to safeguarding Canada’s online ecosystem and democratic society.

Project Description

The rapid expansion of Electric Vehicles (EVs) demands robust security for Electric Vehicle Charging Stations (EVCSs). EVCSs, integrated with renewable energy and electricity networks, face significant cybersecurity challenges. Traditional Intrusion Detection Systems (IDSs) are not fully equipped to address these issues due to their limited adaptability, high energy demands, and centralized architectures, which raise performance and privacy concerns.

This project develops autonomous, optimized, adaptable, reliable, privacy-enhanced, and sustainable IDSs for EVCSs by extending and integrating advanced AI/ML technologies, including Automated Machine Learning (AutoML), Tiny Machine Learning (TinyML), and Federated Learning (FL). AutoML automates and optimizes the IDS development process, ensuring systems are effectively adaptable to the EVCS environment. TinyML allows for efficient intrusion detection directly on devices, reducing energy consumption and improving privacy. FL protects data privacy by decentralizing the intrusion detection process.

By securing the EVCS network, this project bolsters sustainable smart city development and aids the global shift towards electric mobility. This will foster innovation and offer economic, social, and technological benefits.

Project Description

This project explores the utilization of Generative Pretrained Transformers (GPTs) in the development of code mutation engines that will be used in next-generation metamorphic malware development. Code metamorphism refers to a computer programming exercise wherein a program modifies its own code (partial or entire) consistently and automatically while retaining its core functionality. This technique is often used for online performance optimization and automated crash recovery in certain mission-critical applications. However, the technique has been misappropriated by malware creators to bypass signature-based detection measures instituted by malware detection engines.

This project develops an LLM-based code mutation engine that can be used as a generative model to synthesize infinitely many mutated examples of known malicious code bases.  These examples of malicious code variations can then serve as a rich dataset for training advanced malware detection systems and furthering our understanding and ability to build mutable, robust software systems.

Project Description

As advanced driver-assistance (ADA) systems and autonomous-driving (AD) systems continue to transform the automotive ecosystem, connectivity emerges as a fundamental aspect. Connectivity offers numerous advantages but also exposes smart vehicles to cyberattacks that could pose threats, including the potential loss of human life. To defend against such attacks, moving target defense (MTD) is an effective tool. MTD proactively switches system configurations to impede attackers’ probing processes, thereby increasing system resilience. Finding optimal MTD strategies is challenging due to the complexity of interactions between attackers and the system. One approach to modeling such interactions is leveraging security games from game theory. Despite extensive study, the realistic application of security games for ADA/AD systems remains largely unexplored.

This project explores the applications of security games for ADA/AD systems focusing in three main directions: (i) the applicability of different solution techniques; (ii) the incorporation of real-time information to achieve sequentially adaptive policies; and (iii) the robustness of defense policies to counter-adaptive, AI-assisted attackers.

Project Description

Technological advancements, including companies like 23andMe and Ancestry, have transformed accessing health care and ancestry-related information. Despite promising advances in personalized medicine using genetic data, these genetic services pose significant privacy risks due to the sensitive nature of genomic data, with breaches leading to irreversible privacy violations. Existing methods, including anonymization and access control, fail to protect the confidentiality of individuals who share their genomic data. While encrypting genomic data helps address these concerns, it limits the data’s utility because existing bioinformatics pipelines cannot handle encrypted data.

This project ensures the privacy and confidentiality of genomic data while retaining its utility by leveraging trusted execution environments (TEEs). By storing the data encrypted at rest and by processing it within secure hardware enclaves, this project removes any trusted entity with capabilities to view individuals’ genomic data in plaintext. In the short term, this project provides a secure infrastructure to store and process genomic data by automating the conversion of existing genome-processing libraries to TEE-executable programs and mitigating side-channel attacks on those programs. The project ultimately contributes to advancing innovations in disease detection methods and drug discoveries, while safeguarding the confidentiality of individuals.

Project Description

Climate change concerns have spurred a proliferation of independent power producers (renewables) in the electric grid, along with significant increase in power demands due to the electrification of fossil-fuel based technologies (e.g. transportation). Grid communications are critical for effectively coordinating the evolving grid. However, as these utilize open protocols, traverse the public domain (e.g. internet) and utilize easily accessible physical medium (e.g. wireless), stealthy cyber attacks can leverage on existing vulnerabilities in these to infiltrate and destabilize grid operations.

This project develops an end-to-end cyber security solution that leverages on the interdependencies of the cyber and physical domains of the electric grid to actively secure, detect and mitigate natural and adversarial perturbations in grid communications. Specifically, lightweight encryption protocols tailored for the unique attributes of grid communications and optional embedded systems-based interfaces is designed so that common grid computations can be performed in the cipher domain. Data-driven and physics-based approaches are then leveraged to detect anomalies in grid communications that will be actively corrected via generative techniques.

Project Description

This project facilitates collaboration between private organizations and law enforcement agencies for cyber incident investigations. Currently, differences in how they handle these situations, there is often confusion and delays during post-incident investigations. Initially private organizations and law enforcement are empowered by creating a unified and comprehensive set of clear policies and procedures to follow when a cyber incident occurs. This will help guide their actions and enhance their communication, ensuring everyone knows what to do and how to do it. A training program will be developed to teach those in different organizations and law enforcement agencies how to apply the developed framework effectively. This will mean all parties will have the necessary skills and knowledge to effectively and efficiently handle cyber incidents. By doing this, it will be faster and easier for companies and law enforcement agencies to minimize the damage incurred from cyber attacks and to catch cybercriminals.