The “Go Cloud! Go Secure! – Cloud Security Implementation Model for SMEs” project’s Bulgarian partner, Acta Consulting hosted the second international meeting for the other partners from Hungary, Italy, Austria and Cyprus. The meeting focused on evaluating the milestones achieved so far and scheduling the next tasks.
One of the project’s main outcomes, the Cloud Security Implementation (CSI) Matrix — a digital self-assessment tool — has completed multiple rounds of testing: in the external pilot, a total of 38 professional participants from five countries provided feedback, and 100% said they would recommend it to others; 81.1% of respondents rated the risk-assessment logic as “very useful,” and they also confirmed stable technical operation. In internal testing seven staff members who were not directly involved in the development participated; everyone found the risk scoring useful, and only minor technical and usability comments were raised.
In the coming period Work Package 3 (the CSI implementation model) will be delivered in five consecutive steps:
- Analysis (service inventory, risk map, compliance),
- Definition (policy, control objectives, roles),
- Planning (measures, documentation, training program),
- Implementation (technical steps, awareness-raising), and Verification (testing, monitoring, feedback).
The Cloud Security Implementation Model (CSI Model) is a practical tool that helps small and medium-sized enterprises use cloud systems securely. With a risk-based approach it guides the identification of threats, the design of appropriate security measures, and the maintenance of digital protection. By using it, businesses can increase their digital preparedness, reduce cyber risks, and strengthen customer trust, thereby moving forward safely on their digital transformation journey.
Work Package 4 will provide the educational materials: a pre-assessment questionnaire, the CSI Course curriculum, its digital version and the CSI Online Portal. The curriculum is expected to become available to the target audience this year. Early 2026 the project partners will produce short microlearning videos for the course based on real business examples.
To reach its audience the project employs multi-channel communication and a “cross-linking” approach designed to present other thematically related projects to the same target groups. The aim was to disseminate the project through at least five channels; promotion has already achieved significant reach.
Direct target groups — vocational education and training (VET) providers and trainers, training institutions, HR professionals and in-house trainers, universities and vocational teachers — will receive from the CSI Matrix a quick self-assessment, from the implementation model a step-by-step guide, and from the course and portal immediately teachable, short, practical units to help SMEs improve their cloud security; this practical value was also confirmed in the pilots, with over 90% affirming its usefulness.
