Increasing the cyber resilience of SMEs through open-source solutions and international collaboration

Authors

  • Ionica ȘERBAN Romanian National Cyber Security Directorate
  • Florentina-Mihaela CURCĂ Romanian National Cyber Security Directorate
  • Robert-Ștefan ȘANDRU Romanian National Cyber Security Directorate

DOI:

https://doi.org/10.53477/2284-9378-24-63

Keywords:

cybersecurity, SMEs, open-source solutions, international collaboration, artificial intelligence, HackOlympics.

Abstract

In an increasingly digitalized world, small and medium-sized enterprises (SMEs) are exposed to significant cyber threats due to limited security resources. This article explores the role of open-source solutions and international collaboration in enhancing the cyber resilience of SMEs. Open-source solutions offer financial accessibility, flexibility, and increased security, supported by global communities that contribute to their continuous improvement. Moreover, decentralized sharing of threat information, combined with artificial intelligence, enables more efficient detection and prevention of cyberattacks. Through collaborative initiatives such as HackOlympics, SMEs can learn through hands-on experience and benefit from solutions tested in real-life scenarios. In conclusion, open-source solutions and the use of advanced technologies, such as AI, provide SMEs with an effective strategy to address modern cyber challenges, improving their resilience and protection against threats.

Author Biographies

Florentina-Mihaela CURCĂ, Romanian National Cyber Security Directorate

Mihaela Curca joined the Directoratul Național de Securitate Cibernetică in 2023 as an Expert in Cybersecurity Project Management. She is responsible for identifying funding opportunities, drafting detailed project proposals, and ensuring the successful implementation and oversight of various cybersecurity initiatives. Her role includes collaboration with diverse stakeholders such as governmental bodies, NGOs, academic institutions, and private sector organizations to foster partnerships and promote best practices in cybersecurity.
Prior to joining the cybersecurity directorate, Mihaela worked as a Junior Researcher at the Centrul de Prevenție și Early Warning, where she conducted research on relevant security topics, including political analysis, and contributed to discussions in various international forums. She also has experience in marketing and project management roles, having worked as Marketing Manager at S.C. Hetma International S.R.L., where she developed and executed marketing strategies to support business growth.
Mihaela holds a Bachelor's Degree in Political Science and is currently pursuing a Master’s Degree in Conflict Analysis and Resolution from the Școala Națională de Studii Politice și Administrative (SNSPA) in Bucharest. Her professional development is further enhanced by her participation in internships and conferences, such as the Cybercon România, Critical Infrastructure Protection Forum, and Aspen Energy Summit.
In addition to her work, Mihaela is fluent in Romanian, English, French, and Italian, and possesses strong digital skills, particularly in Microsoft Office, Zoom, and Cybersecurity tools. Her commitment to national security is demonstrated by her hands-on approach to managing complex cybersecurity projects and her passion for geopolitics, international relations, and strategic diplomacy.

Robert-Ștefan ȘANDRU, Romanian National Cyber Security Directorate

Robert-Ștefan Sandru is a forward-thinking professional, specializing in project management, leadership, and cybersecurity. He currently holds a key position at the National Cyber Security Directorate, where he plays a vital role in managing and implementing multi-million-euro EU-funded cybersecurity projects. His responsibilities include the development of national cybersecurity curricula, fostering collaboration among both national and international stakeholders, and driving projects focused on 5G, SME cybersecurity, and education.
In addition to his technical expertise, Robert serves as the President of the Pro Europa Foundation, where he leads initiatives aimed at social welfare and community development. His leadership ensures that project goals are met through meticulous planning, problem-solving, and collaboration with external stakeholders.
Robert is currently pursuing a Master’s degree in Program and Project Management at Carol I National Defense University, building on his Bachelor’s in International Relations and European Studies from the University of Bucharest. His academic journey reflects a strong commitment to understanding the intersection of security, policy, and international affairs.
As a volunteer, Robert has been deeply involved in the National Organization Scouts of Romania, where he has led a group of scouts and coordinated activities for over 50 members. His involvement in youth exchanges through the Erasmus+ program further emphasizes his dedication to fostering tolerance, diversity, and leadership in younger generations.
Robert has also demonstrated his passion for innovation and technology through his participation in the World Robotics Championship and projects like Takeyourprint and GorjBotics. His leadership and communication skills are evident in his experience speaking at large conferences and organizing community-oriented projects.
With a unique blend of technical proficiency and civic leadership, Robert continues to drive impactful projects that promote security, education, and social progress.

References

Arbor Networks. 2023. DDoS Attacks: How Vulnerable Are SMEs? https://arbornetworks.com/ddos-attacks-smes.

Cisco. 2022. AI-Powered DDoS Prevention and Mitigation. https://cisco.com/ai-ddosprevention.

—. 2023. Securing Decentralized Threat Intelligence Platforms. https://cisco.com/decentralized-threat-intelligence.

ENISA, European Union Agency for Cybersecurity. 2023a. Artificial Intelligence and Cybersecurity: Challenges and Opportunities. https://enisa.europa.eu/ai-andcybersecurity.

—. 2023b. Threat Intelligence Sharing: A Key to Resilience. https://enisa.europa.eu/threatintelligence-sharing.

—. 2023c. ENISA Threat Landscape Report. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2023.

European Commission. 2023. Annual Report on European SMEs 2022/2023. https://singlemarket-economy.ec.europa.eu/document/download/b7d8f71f-4784-4537-8ecf-7f4b53d5fe24_en?filename=Annual%20Report%20on%20European%20SMEs%202023_FINAL.pdf.

FIRST, Forum of Incident Response and Security Teams. 2023. Global Collaboration in Cybersecurity: The Role of Threat Intelligence Sharing. https://first.org/globalcybersecurity-collaboration.

Gartner. 2023. Predictive Analytics in Cybersecurity for SMEs. https://gartner.com/predictive-cybersecurity-smes.

IBM. 2023. Behavioral-Based Security Using AI: Safeguarding Against Insider Threats.https://ibm.com/ai-behavioral-security.

MISP Project. 2023. Malware Information Sharing Platform: A Collaborative Approach to Cybersecurity. https://misp-project.org/malware-information-sharing.

NIST. 2022a. Cybersecurity Framework for Small and Medium Businesses. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1300.pdf.

—. 2022b. Small Business Information Security: The Fundamentals. https://nist.gov/smallbusiness-security.

OWASP, Open Web Application Security Project. 2023a. Open-Source Security Solutions for SMEs. https://owasp.org/open-source-security-smes.

—. 2023b. STIX/TAXII: Enabling Automated Threat Information Sharing for SMEs. https://owasp.org/stix-taxii-sharing.

Downloads

Published

2025-01-21

How to Cite

ȘERBAN, I. ., CURCĂ, F.-M. ., & ȘANDRU, R.- Ștefan . (2025). Increasing the cyber resilience of SMEs through open-source solutions and international collaboration. BULLETIN OF "CAROL I" NATIONAL DEFENCE UNIVERSITY, 13(4), 266–286. https://doi.org/10.53477/2284-9378-24-63

Issue

Vol. 13 No. 4 (2024)

Section

Articles

License

The published articles are subject to copyright law. All rights are reserved to the “Carol I” National Defense University, regardless of whether all or part of the material are considered, especially the rights to translation, reprinting, re-use of illustrations, quotations, broadcasting through the media, reproduction on microfilms or any other way and storage in data banks. Any replicas without the associated fees are authorized provided the source is acknowledged.