Training and upskilling are the strongest defense against cyberattacks. CYRUS, a European project led by Deep Blue, aims to boost cybersecurity resilience in the manufacturing and transport sectors by offering targeted training programs.
CYBERATTACKS ARE GROWING FAST
Cyberattacks are on the rise. In 2024, there were 3,541 incidents worldwide – a 27.4% increase from the previous year (source: Clusit, the Italian cybersecurity association). Italy was among the most targeted countries, suffering 10% of global attacks – far more than France (4%), Germany, or the UK (3%). That’s a 15% increase over 2023.
The News/Multimedia sector was hit the hardest (18% of all attacks), followed by Manufacturing (16%), Government (10%), and Transport/Storage (7%). The consequences are serious: reputational damage, fines, and financial losses. In 2023, the average cost of a data breach was $4.45 million, and total global losses from cybercrime reached $8 trillion. If cybercrime were a country, its economy would be the third largest in the world – after the U.S. and China.
BUILDING A CYBERSECURITY CULTURE: THE CYRUS PROJECT
The numbers speak for themselves: cybersecurity is now a priority. It’s no longer enough to respond after an attack – we need to act in advance. That means building a cybersecurity culture as a first step: every company, institution, or organisation should place cybersecurity training at the top of its priorities. The Digital Europe Programme, which supports the digital transition of businesses, citizens, and public administrations, is providing strong support in this direction. Among the funded cybersecurity projects is CYRUS (A personalised, customised, work-based training framework for enhanced CYbeR-security skills across industrial Sectors), which focuses on developing cybersecurity courses mainly for the Transport and Manufacturing sectors.
“As digitalization grows and technologies like Artificial Intelligence and automation become more widespread, the risk of cyberattacks increases too – exploiting not only system and software vulnerabilities but also human ones,” explains Alessia Golfetti, Human Factors expert and head of the Secure Societies area at Deep Blue, which coordinates the project involving 11 partners from 9 European countries. “That’s why it’s essential to take a proactive and resilient approach – one that focuses on training and continuous learning. Cybercrime, just like technology, is constantly evolving in terms of tactics, techniques, and procedures. In short: today, more than ever, cybersecurity depends on people – even more than on technology.”
“Right now, the cybersecurity training landscape is quite fragmented,” Golfetti continues. “What’s needed is tailored training – and that’s exactly what CYRUS aims to deliver: cybersecurity courses designed around existing skills and addressing the real needs of workers in the Transport and Manufacturing sectors. The broader goal is to raise awareness of cybersecurity, which is often seen as something distant or secondary.”
SKILLS AND KNOWLEDGE FOR CYBERSECURITY
At the heart of the project is the CYRUS Competence Framework – a reference model designed to define cybersecurity skills and knowledge, both across different sectors and job roles. As project coordinator, Deep Blue led the development of this tool, which began with an in-depth analysis of each organisation’s context and needs. The team then defined the main areas of intervention: risk prevention, monitoring & management, Policy & compliance and Cybersecurity culture & human behaviour. For each area, the framework outlines the required competencies – for example, applying good password management practices or detecting anomalies in operations.
“We built the framework based on existing literature, insights from other sectors and past projects, and input gathered through surveys, interviews, and focus groups,” adds Golfetti. “It’s a practical tool – not only for understanding real needs but also for designing personalised training paths, tailored to different roles within companies and the specific risks each organisation faces.”
THE COURSES: BASIC SKILLS, INTERACTIVITY, AND FLEXIBILITY
Course development began in 2024 with a pilot phase that involved over 500 employees from manufacturing industries and transport companies, including Ferrovie dello Stato, primarily in administrative roles, but also IT and security experts. The goal was to test the content and gather valuable feedback for potential adjustments.
“Post-pilot interviews confirmed the importance of investing in training for staff in non-technical roles, such as management and HR,” explains Golfetti. “There was also a clear need for more flexible and shorter training, compatible with daily work routines and personal life.” As a result, the final courses were designed to last no more than 4 hours, with most of the training conducted online (e-learning and webinars), and a small portion delivered in person. “A lot of attention was also given to interactivity, using engaging methods and presenting practical cases and real-life situations to make the training more concrete and easily applicable,” adds Golfetti.
In April 2025, the final version of the courses was launched. Following this, the results will be analysed, and all materials will be published online, with a catalogue of over 40 courses available for free on the project website. CYRUS aims to make cybersecurity training more accessible, targeted, and widespread, helping to build a culture of cybersecurity awareness where people, rather than technology, are the true strength.