AXA Research Fund – Building Resilience Against Systemic Cyber Risk

Below is a summary assembled by the Research & Innovation Office (RIO). Please see the full solicitation for complete information about the funding opportunity.

Program Summary

Digitalization has enabled tremendous progresses in economy and society of the past decades. Global connectivity through the internet and underlying network infrastructure has further accelerated this developed. With any advance in technology, risks have evolved as well – in case of digitization in the shape of cyber risks

Cyber risk manifests itself in our everyday lives…cyber-attacks, espionage, operational errors occur daily, causing loss to the economy at a significant level. Cyber risk, however, also has the potential to generate loss due to large shocks. Globally connected system, single digital points of failure at cloud providers and critical infrastructure being digitized have created the potential to lead to accumulating losses with significant impact to the economy. Examples of such accumulating cyber events (e.g., Solarwinds 2020, Moveit, 2023), or of single cyber-attack leading to larger societal impact (e.g. Colonial Pipeline 2021, Costa Rica 2022), have been observed in recent history. Fortunately, a truly large cyber catastrophe has not occurred yet. 

The probability of a cyber catastrophe events occurring is challenging to predict given the fast evolving technology, risk landscape, and man-made character. This Call hence asks to take a different perspective and focuses on the resilience against cyber catastrophes. It should not address the likelihood of certain larger scenarios occurring or the how such scenarios originate. This Call assumes cyber catastrophes are possible, and when they occur, greater resilience will help reduce the impact and allow for faster recovery. 

Direction of Work:  

  • We ask applicants to contribute to increasing our understanding of economic resilience against cyber catastrophes.  Being resilient may refer to concepts such as being less vulnerable by design (e.g., introduce circuit breakers); reducing negative impact (e.g., increase industry specific support agreements, develop public private partnerships); recovering swiftly (e.g., establish protocols)
  • Work will require choices around specific cyber catastrophe scenarios (e.g., cyber-caused outages of critical infrastructure, mass malware events, cloud provider outages, impact of the quantum computing), scope of cascading and accumulating impact, considerations about specific industries or regions, assumptions on the origins and motivation of such shock scenarios (political actors, criminals, operational handling, financial gain). These are at the discretion of the submitting parties.
  • The results of the work need to improve our understanding of where our economy and businesses are most / least resilient against certain scenarios, how could we measure resilience (e.g. stress testing), where additional / different resilience levels may have the largest positive impact, and what means may be adequate to achieve such additional / different levels of resilience.
  • Applicants are free to choose research methods they deem fit to approach the selected aspects. Given the wide array of possible themes, a focus on selected scenarios, industries, regions, or technologies is appreciated.

Deadlines

CU Internal Deadline: 11:59pm MT January 8, 2024

Sponsor Application Deadline: 4:00am MT February 15, 2024

Internal Application Requirements (all in PDF format)

  • Project Summary (3 pages maximum): Please describe the project objectives and activities including the team’s expertise and ability to complete the tasks of the proposed project with the best quality. Ideally, the team shall be composed of promising early career researchers, as well as would reflect the principle of diversity (gender and geography). 
  • PI Curriculum Vitae
  • Budget Overview (1 page maximum): A basic budget outlining project costs is sufficient; detailed OCG budgets are not required.
  • Fundamental Research Certification: AXA Research Fund does not support applied research and only fundamental projects are allowed.

To access the online application, visit: https://cuboulderovcr.secure-platform.com/a/solicitations/6938/home  

Eligibility

The grant aims at supporting promising researchers or research groups. Funding recipients need to be academic institutions which can either apply as 1) a Sole Applicant (one academic institution) or 2) Consortium Applicant, (collaboration amongst two or more academic institutions). Project Proposals must always be led by ONE Principal Investigator who is nominated by the institution leading the application process. 

Application from academic institutions across the globe are accepted. Academic institutions are the only eligible direct beneficiaries which may receive funding under this call. Private companies, NGOs, governmental bodies, foundations, independent research centers, cultural institutions (such as museums), and hospitals are not eligible as direct beneficiaries. However, due to the applied nature of the funding, it is possible for academic institutions to collaborate and partner with other organizations from public and private sectors. The non-academic institutions can be listed as associated partners and may receive part of the funding from the institution, agreed upon within each proposal's own set-ups.

Limited Submission Guidelines

Each academic institution can hand in only ONE PROJECT PROPOSAL. In case of several applications submitted from a single institution, all applications would be disqualified. No change of host institution will be possible after submission of the application. 

Award Information

Up to 150,000€ for a period of 9-18 months

Review Criteria

The Evaluation Panel selects to fund applications based on strength of scientific excellence, project impact, candidate profile, feasibility and outreach potential.