H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY
Consorzio Interuniversitario Nazionale per l'Informatica (CINI) & INNOV-ACTS, Limited
E-mail: cini@finsec-project.eu , info@innov-acts.com
H2020 FINSEC Project
The FINSEC project is co-funded from the European Union’s Horizon 2020 programme under grant Agreement No 786727
FINSTIX: A Security Data Model for the Financial Sector
15/04/2020
Objectives
▪ Learn about the security knowledge base model
▪ Understand how STIX was extended to serve the needs of the
FINSEC project
Topic
▪ Understand what a knowledge base is
▪ Learn about the different types of knowledge bases
▪ Understand the basics of Cyber Threat Intelligence
▪ Discover the relevance of Structured Threat Information
eXpression (STIX)
Goal
Existing solutions - STIX
The FINSTIX solution
Introduction
▪ Cybersecurity incidents against financial institutions are growing
▪ Benefits
- growing sophistication of recent technological innovations
- complex processes
- multiple organizations
- services are becoming more digitized and interconnected
▪ Need for financial institutions
- Increase their robustness
- Develop integrated approaches for addressing physical and cyber attacks
FINSEC project: Integrated Framework for Predictive and Collaborative Security of Financial Sector
Existing solutions
Cyber Threat Intelligence
Holistic approach to the automated sharing of threat intelligence
Considered one of the most promising strategies in the cyber-security topic
Propose a classification and distinction among existing threat intelligence types
Summarize and compare the most prevalent information-sharing models
Structured Threat Information Expression (STIX) is the most commonly used CTI standard
Structured Threat Information eXpression (STIX)
▪ STIX:
▪ Provides a modular format that can also efficiently incorporate other standards
▪ Adopted in different contexts of different nature
▪ STIX has been designed with a focus on four different use cases that
include:
▪ Analyzing Cyber Threats
▪ Specifying Indicator Patterns for Cyber Threats
▪ Managing Cyber Threat Response Activities
▪ Sharing Cyber Threat Information
Structured Threat Information eXpression (STIX) (cont.)
Limitations of STIX:
▪ very complex to implement
▪ lacks support for reasoning
FINSTIX
▪ includes both cyber and physical security threats
▪ enables the description of organization assets
▪ accounts for how they are inter-connected
STIX Domain Objects
STIX Domain Objects (cont.)
STIX Relationship Objects
The Knowledge Base (1)
▪ Definition: technology used to collect, organize, share and retrieve complex
structured and unstructured information representing facts and assertions about
the world.
▪ Difference from a simple database:
▪ Does not consist only of tables with numbers, strings, dates, etc.
▪ Contains objects with pointers to other objects that, in turn, have additional pointers
▪ Two major types of knowledge bases:
▪ human-readable : knowledge base enables the users to access and use the knowledge
▪ machine readable
The Knowledge Base (2)
▪Two major types of knowledge bases:
▪ Human-readable :
▪ knowledge base enables the users to access and use the knowledge
▪ consist of documents, manuals, troubleshooting information, and
frequently answered questions
▪ interactive and can lead the users to the solutions to their problems, relying
on the information provided by expert users to guide the process
▪ Machine-readable :
▪ stores knowledge in system-readable forms
▪ limited in interactivity
FINSEC Security Knowledge Base (1)
▪Information from different external sources of Cyber Threat
Intelligence is collected
▪Structure of the knowledge base = definition of relationships
between the different assets and of their interactions as part of the
critical
▪Definitions enable identification and registration of known attack
patterns against the infrastructure
▪Type of knowledge base :
▪mixture of human and machine-readable
FINSEC Security Knowledge Base (2)
To suit the FINSEC needs, the content of the Security Knowledge
Base satisfies two essential requirements:
1. It should be structured in order to enable automatic processing
2. It should include information on the infrastructure and the
organization assets, for enabling the FINSEC Platform to perform
Cyber and Physical Threat Intelligence
The FINSTIX solution
The Security Knowledge Base Data Model
▪ To realize a knowledge base, one needs to design the appropriate data model, which
is the format used to represent the information contained in the knowledge
base
▪ Option #1 :
▪ Define a completely new set of objects coping with the business
requirements of the considered use cases
▪ This approach incorporates the risk of missing other relevant cases
▪ Option #2:
▪ Employ an existing standard (or mix of standards) and then extend it such
that missing components can be added. The Edge Tier contains the Actuation
Enabler and a Data Collection module
▪ FINSEC follows option #2
From STIX to FINSTIX
▪STIX limitations:
▪ it does not provide for an accurate representation of the financial
institution infrastructure
▪ does not envisage physical systems, but it is rather limited to the cyber ones
▪Two possible extensions of STIX:
1. consists in the definition of custom parameters into STIX Domain Objects
already defined by the standard itself
2. consists in the definition of brand-new custom objects.
FINSEC follows both approaches
FINSTIX Domain Objects (1)
Name | Description
Organization | Financial organization.
Asset | Organizations’ valuable infrastructure. PCs, server rooms, ATMs, applications, and everything inside an organization that is crucial.
Area of Interest | Logical/physical area, for example, an indoor area (server room).
Service | A collection of assets forming a publicly exposed service, for example, a web application.
Probe | Object used to support monitoring infrastructure. A Probe usually monitors one or more areas of interest.
Probe Configuration | Data sent to a probe to configure details such as the area under monitoring or the bit rate of the monitoring process.
Event | Information on something that happened or is happening.
FINSTIX Domain Objects (2)
Name | Description
Collected data | A group of observed data collected by the network probe.
Agent | Person involved in the events created by the probes.
Risk | The calculated risk for a specific asset or service. The upper levels of FINSEC calculate it in real-time.
Risk Configuration | Parameter specification to optimize the risk assessment process. It defines the triggers and other useful options.
Regulation | An object used to depict a regulation violation.
Vulnerability score | Rating used to provide a score to a vulnerability.
Cyber-Physical Threat Intelligence | Data set fed and enriched by threat information as soon as it is gathered from the probes and processed by the Predictive Analytics module.
Security Knowledge Base Architecture (1)
▪The SKB Database, which stores the knowledge
▪The SKB Engine, which manages the operations on the
database. It exposes a REST API to interact with the other
modules
▪The connectors (one for each external source), which
translate the information coming from external threat
intelligence sources into the data model to promote
homogeneity and integrity among the FINSEC services
Security Knowledge Base Architecture (2)
The FINSEC Security Knowledge Base
One of the modules contained in the Data Tier of the FINSEC Reference Architecture
The Security Knowledge Base will collect information coming from different sources of Cyber Threat
Intelligence
The value of the Security Knowledge Base compared to the existing ones is the definition of the relationships
between different assets and their interactions as part of the critical infrastructures of the financial sector
The Service Tier will consume the information contained in the Knowledge Base to produce new Cyber and
Physical Threat Intelligence
The Service Tier will feed the Security Knowledge Base with this new information
Integration with the Dashboard and the Collaborative
Risk Management Module
▪The Collaborative Risk Management module:
▪ Retrieves the vulnerabilities and the related scores affecting the assets that
compose the service;
▪ Calculates the individual asset risk for each asset composing the service,
based on the affecting vulnerabilities, the impact and the threat level for the
asset itself;
▪ Calculates the service risk starting from the assets’ individual risks.
▪ The user (e.g., Security Officer, Member of CERT/CSIRT teams) can see
information on the organization services in the Service page of the Dashboard
Visualization of the Criticality of vulnerabilities
Visualization of Vulnerabilities affecting the infrastructure
The Risk management module
The Risk Management module calculates the risk associated with the
infrastructure services. The Collaborative Risk Management module:
▪Retrieves the vulnerabilities and the related scores affecting the
assets that compose the service;
▪Calculates the individual asset risk for each asset composing the
service, based on the affecting vulnerabilities, the impact and the
threat level for the asset itself;
▪Calculates the service risk starting from the assets’ individual risks.
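Added example (not part of the original slides or of the FINSEC code base): the sketch below ties together the two STIX extension styles from "From STIX to FINSTIX" and the three risk steps listed above. The type names, property names, relationship types and the risk formula are assumptions made for illustration; the identifiers and scores are constructed sample data.

```python
import re

# Object types defined by the STIX 2.0 standard itself.
STANDARD_TYPES = {
    "attack-pattern", "campaign", "course-of-action", "identity", "indicator",
    "intrusion-set", "malware", "observed-data", "report", "threat-actor",
    "tool", "vulnerability", "relationship", "sighting",
}
# Trimmed allowlist of spec-defined properties, enough for this example only.
SPEC_PROPS = {"type", "id", "created", "modified", "name", "description",
              "relationship_type", "source_ref", "target_ref"}
ID_RE = re.compile(r"^([a-z0-9-]+)--[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")


def make_id(obj_type, n):
    """Constructed identifier in STIX form: <type>--<UUID>."""
    return f"{obj_type}--00000000-0000-4000-8000-{n:012d}"


def rel(n, kind, src, dst):
    """Standard STIX relationship object linking two other objects."""
    return {"type": "relationship", "id": make_id("relationship", n),
            "relationship_type": kind, "source_ref": src, "target_ref": dst}


SVC, ATM, WEB = make_id("x-service", 1), make_id("x-asset", 2), make_id("x-asset", 3)
V1, V2 = make_id("vulnerability", 4), make_id("vulnerability", 5)

# Constructed sample knowledge base. "x-service"/"x-asset" are brand-new custom
# objects (hypothetical names); "x_score" is a custom property on a standard
# object. The slides list Vulnerability score as its own object; it is
# flattened into a property here to show the first extension style.
BUNDLE = [
    {"type": "x-service", "id": SVC, "name": "online banking"},
    {"type": "x-asset", "id": ATM, "name": "ATM",
     "impact": 0.5, "threat_level": 0.5},
    {"type": "x-asset", "id": WEB, "name": "web application",
     "impact": 1.0, "threat_level": 0.5},
    {"type": "vulnerability", "id": V1, "name": "constructed vuln 1", "x_score": 8.0},
    {"type": "vulnerability", "id": V2, "name": "constructed vuln 2", "x_score": 5.0},
    rel(6, "composes", ATM, SVC), rel(7, "composes", WEB, SVC),
    rel(8, "affects", V1, ATM), rel(9, "affects", V2, ATM),
    rel(10, "affects", V2, WEB),
]


def validate(objects):
    """Return the problems a connector should fix before storing the objects."""
    ids = {o.get("id") for o in objects}
    problems = []
    for o in objects:
        t, oid = o.get("type", ""), o.get("id", "")
        m = ID_RE.match(oid)
        if not m or m.group(1) != t:
            problems.append(f"{oid or t}: id is not '<type>--<uuid>' for {t!r}")
        if t in STANDARD_TYPES:
            # Extension style 1: extra properties on standard objects use "x_".
            for prop in o:
                if prop not in SPEC_PROPS and not prop.startswith("x_"):
                    problems.append(f"{oid}: property {prop!r} lacks 'x_' prefix")
        elif not t.startswith("x-"):
            # Extension style 2: brand-new object types use "x-".
            problems.append(f"{oid}: custom type {t!r} lacks 'x-' prefix")
        if t == "relationship":
            for ref in ("source_ref", "target_ref"):
                if o.get(ref) not in ids:
                    problems.append(f"{oid}: {ref} points to unknown object")
    return problems


def sources(objects, kind, target):
    """Ids of objects linked to `target` by a relationship of type `kind`."""
    return [r["source_ref"] for r in objects
            if r.get("type") == "relationship"
            and r["relationship_type"] == kind and r["target_ref"] == target]


def asset_risk(objects, asset_id):
    """Steps 1-2: fetch the scores affecting the asset, then weigh them.
    Assumed formula: (worst score / 10) * impact * threat level."""
    by_id = {o["id"]: o for o in objects}
    asset = by_id[asset_id]
    scores = [by_id[v]["x_score"] for v in sources(objects, "affects", asset_id)]
    worst = max(scores, default=0.0) / 10.0
    return round(worst * asset["impact"] * asset["threat_level"], 3)


def service_risk(objects, service_id):
    """Step 3: roll asset risks up to the service (assumed: take the maximum)."""
    risks = {a: asset_risk(objects, a)
             for a in sources(objects, "composes", service_id)}
    return max(risks.values(), default=0.0), risks


if __name__ == "__main__":
    print(validate(BUNDLE))
    print(service_risk(BUNDLE, SVC))
```

Running the validator before the risk roll-up matters: a relationship whose reference does not resolve silently drops an asset or a vulnerability from the traversal and lowers the computed service risk.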
Visualization of Risk Associated with the Service

 
Introduction to Indian Financial System ()
Introduction to Indian Financial System ()Introduction to Indian Financial System ()
Introduction to Indian Financial System ()
 
一比一原版BCU毕业证伯明翰城市大学毕业证成绩单如何办理
一比一原版BCU毕业证伯明翰城市大学毕业证成绩单如何办理一比一原版BCU毕业证伯明翰城市大学毕业证成绩单如何办理
一比一原版BCU毕业证伯明翰城市大学毕业证成绩单如何办理
 
The WhatsPump Pseudonym Problem and the Hilarious Downfall of Artificial Enga...
The WhatsPump Pseudonym Problem and the Hilarious Downfall of Artificial Enga...The WhatsPump Pseudonym Problem and the Hilarious Downfall of Artificial Enga...
The WhatsPump Pseudonym Problem and the Hilarious Downfall of Artificial Enga...
 
how can I sell/buy bulk pi coins securely
how can I sell/buy bulk pi coins securelyhow can I sell/buy bulk pi coins securely
how can I sell/buy bulk pi coins securely
 
Introduction to Value Added Tax System.ppt
Introduction to Value Added Tax System.pptIntroduction to Value Added Tax System.ppt
Introduction to Value Added Tax System.ppt
 
Intro_Economics_ GPresentation Week 4.pptx
Intro_Economics_ GPresentation Week 4.pptxIntro_Economics_ GPresentation Week 4.pptx
Intro_Economics_ GPresentation Week 4.pptx
 
Turin Startup Ecosystem 2024 - Ricerca sulle Startup e il Sistema dell'Innov...
Turin Startup Ecosystem 2024  - Ricerca sulle Startup e il Sistema dell'Innov...Turin Startup Ecosystem 2024  - Ricerca sulle Startup e il Sistema dell'Innov...
Turin Startup Ecosystem 2024 - Ricerca sulle Startup e il Sistema dell'Innov...
 
Empowering the Unbanked: The Vital Role of NBFCs in Promoting Financial Inclu...
Empowering the Unbanked: The Vital Role of NBFCs in Promoting Financial Inclu...Empowering the Unbanked: The Vital Role of NBFCs in Promoting Financial Inclu...
Empowering the Unbanked: The Vital Role of NBFCs in Promoting Financial Inclu...
 
234Presentation on Indian Debt Market.ppt
234Presentation on Indian Debt Market.ppt234Presentation on Indian Debt Market.ppt
234Presentation on Indian Debt Market.ppt
 
how can I sell pi coins after successfully completing KYC
how can I sell pi coins after successfully completing KYChow can I sell pi coins after successfully completing KYC
how can I sell pi coins after successfully completing KYC
 
how can i use my minded pi coins I need some funds.
how can i use my minded pi coins I need some funds.how can i use my minded pi coins I need some funds.
how can i use my minded pi coins I need some funds.
 
What website can I sell pi coins securely.
What website can I sell pi coins securely.What website can I sell pi coins securely.
What website can I sell pi coins securely.
 
GeM ppt in railway for presentation on gem
GeM ppt in railway  for presentation on gemGeM ppt in railway  for presentation on gem
GeM ppt in railway for presentation on gem
 
The Evolution of Non-Banking Financial Companies (NBFCs) in India: Challenges...
The Evolution of Non-Banking Financial Companies (NBFCs) in India: Challenges...The Evolution of Non-Banking Financial Companies (NBFCs) in India: Challenges...
The Evolution of Non-Banking Financial Companies (NBFCs) in India: Challenges...
 
Chương 6. Ancol - phenol - ether (1).pdf
Chương 6. Ancol - phenol - ether (1).pdfChương 6. Ancol - phenol - ether (1).pdf
Chương 6. Ancol - phenol - ether (1).pdf
 
Scope Of Macroeconomics introduction and basic theories
Scope Of Macroeconomics introduction and basic theoriesScope Of Macroeconomics introduction and basic theories
Scope Of Macroeconomics introduction and basic theories
 

10 the-finstix-data-model

  • 1. H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY Consorzio Interuniversitario Nazionale per l'Informatica (CINI) & INNOV-ACTS, Limited E-mail: cini@finsec-project.eu , info@innov-acts.com H2020 FINSEC Project The FINSEC project is co-funded from the European Union’s Horizon 2020 programme under grant Agreement No 786727 FINSTIX: A Security Data Model for the Financial Sector 15/04/2020
  • 2. Objectives ▪ Learn about the security knowledge base model ▪ Understand how STIX was extended to serve the needs of the FINSEC project Topic ▪ Understand what a knowledge base is ▪ Learn about the different types of knowledge bases ▪ Understand the basics of Cyber Threat Intelligence ▪ Discover the relevance of Structured Threat Information eXpression (STIX) Goal Existing solutions - STIX The FINSTIX solution
  • 3. Introduction ▪ Cybersecurity incidents against financial institutions are growing ▪ Benefits - growing sophistication of recent technological innovations - complex processes - multiple organizations - services are becoming more digitized and interconnected ▪ Need for financial institutions - Increase their robustness - Develop integrated approaches for addressing physical and cyber attack FINSEC project: Integrated Framework for Predictive and Collaborative Security of Financial Sector
  • 4. Existing solutions
  • 5. Cyber Threat Intelligence ▪ Holistic approach to the automated sharing of threat intelligence ▪ Considered one of the most promising strategies in the cyber-security topic ▪ Propose a classification and distinction among existing threat intelligence types ▪ Summarize and compare the most prevalent information-sharing models ▪ Structured Threat Information Expression (STIX) the most commonly used CTI standard
  • 6. Structured Threat Information eXpression (STIX) ▪ STIX: ▪ Provides a modular format that can also efficiently incorporate other standards ▪ Adopted in different contexts of different nature ▪ STIX has been designed with a focus on four different use cases that include: ▪ Analyzing Cyber Threats ▪ Specifying Indicator Patterns for Cyber Threats ▪ Managing Cyber Threat Response Activities ▪ Sharing Cyber Threat Information
  • 7. Structured Threat Information eXpression (STIX) (cont.) Limitations of STIX: ▪ very complex to implement ▪ lacks support to reasoning FINSTIX ▪ includes both cyber and physical security threats ▪ enables the description of organization assets ▪ accounts for how they are inter-connected
  • 8. STIX Domain Objects
  • 9. STIX Domain Objects (cont.)
  • 10. STIX Relationship Objects
  • 11. The Knowledge Base (1) ▪ Definition: Technology used to collect, organize, share and retrieve complex structured and unstructured information representing facts and assertions about the world. ▪ Difference from a simple database: ▪ Does not consist only of tables with numbers, strings, dates, etc. ▪ Contains objects with pointers to other objects that, in turn, have additional pointers ▪ Two major types of knowledge bases: ▪ human-readable: knowledge base enables the users to access and use the knowledge ▪ machine-readable
  • 12. The Knowledge Base (2) ▪ Two major types of knowledge bases: ▪ Human-readable: ▪ knowledge base enables the users to access and use the knowledge ▪ consist of documents, manuals, troubleshooting information, and frequently answered questions ▪ interactive and can lead the users to the solutions to their problems, relying on the information provided by expert users to guide the process ▪ Machine-readable: ▪ stores knowledge in system-readable forms ▪ limited in interactivity
  • 13. FINSEC Security Knowledge Base (1) ▪ Information from different external sources of Cyber Threat Intelligence is collected ▪ Structure of the knowledge base = definition of relationships between the different assets and of their interactions as part of the critical ▪ Definitions enable identification and registration of known attack patterns against the infrastructure ▪ Type of knowledge base: ▪ mixture of human and machine-readable
  • 14. FINSEC Security Knowledge Base (2) To suit the FINSEC needs, the content of the Security Knowledge Base satisfies two essential requirements: 1. It should be structured in order to enable automatic processing 2. It should include information on the infrastructure and the organization assets, for enabling the FINSEC Platform to perform Cyber and Physical Threat Intelligence
  • 15. The FINSTIX solution
  • 16. The Security Knowledge Base Data Model ▪ To realize a knowledge base, need to design the appropriate data model, which is the format used to represent the information contained in the knowledge base ▪ Option #1: ▪ Define a completely new set of objects coping with the business requirements of the considered use cases ▪ This approach incorporates the risk of missing other relevant cases ▪ Option #2: ▪ Employ an existing standard (or mix of standards) and then extend it such that missing components can be added The Edge Tier contains the Actuation Enabler and a Data Collection module ▪ FINSEC follows option #2
  • 17. From STIX to FINSTIX ▪ STIX limitations: ▪ it does not provide for an accurate representation of the financial institution infrastructure ▪ does not envisage physical systems, but it is rather limited to the cyber ones ▪ Two possible extensions of STIX: 1. consists in the definition of custom parameters into STIX Domain Objects already defined by the standard itself 2. consists in the definition of brand-new custom objects. FINSEC follows both approaches
  • 18. FINSTIX Domain Objects (1) (Name: Description)
      - Organization: Financial organization.
      - Asset: Organizations’ valuable infrastructure. PCs, server rooms, ATMs, applications, and everything inside an organization that is crucial.
      - Area of Interest: Logical/physical area, for example, an indoor area (server room).
      - Service: A collection of assets forming a publicly exposed service, for example, a web application.
      - Probe: Object used to support monitoring infrastructure. A Probe usually monitors one or more areas of interest.
      - Probe Configuration: Data sent to a probe to configure details such as the area under monitoring or the bit rate of the monitoring process.
      - Event: Information on something happened/happening.
  • 19. FINSTIX Domain Objects (2) (Name: Description)
      - Collected data: A group of observed data collected by the network probe.
      - Agent: Person involved in the events created by the probes.
      - Risk: The calculated risk for a specific asset or service. The upper levels of FINSEC calculate it in real-time.
      - Risk Configuration: Parameter specification to optimize the risk assessment process. It defines the triggers and other useful options.
      - Regulation: An object used to depict a regulation violation.
      - Vulnerability score: Rating used to provide a score to a vulnerability.
      - Cyber-Physical Threat Intelligence: Data set fed and enriched by threat information as soon as they are gathered from the probes and processed by the Predictive Analytics module.
  • 20. Security Knowledge Base Architecture (1) ▪ The SKB Database, which stores the knowledge ▪ SKB Engine, which manages the operations on the database. It exposes REST API to interact with the other modules ▪ The connectors (one for each external source), which translate the information coming from external threat intelligence sources into the data model to promote homogeneity and integrity among the FINSEC services
  • 21. Security Knowledge Base Architecture (2)
  • 22. The FINSEC Security Knowledge Base ▪ One of the modules contained in the Data Tier of the FINSEC Reference Architecture ▪ Security Knowledge Base will be to collect information coming from different sources of Cyber Threat Intelligence ▪ Value of the Security Knowledge Base compared to the existing ones is the definition of the relationships between different assets and their interactions as part of the critical infrastructures of the financial sector ▪ Service Tier to consume the information contained in the Knowledge Base for producing new Cyber and Physical Threat Intelligence ▪ Service Tier will feed the Security Knowledge Base with this new information
  • 23. Integration with the Dashboard and the Collaborative Risk Management Module ▪ The Collaborative Risk Management module: ▪ Retrieves the vulnerabilities and the related scores affecting the assets that compose the service; ▪ Calculates the individual asset risk for each asset composing the service, based on the affecting vulnerabilities, the impact and the threat level for the asset itself; ▪ Calculates the service risk starting from the assets’ individual risks. ▪ The user (e.g., Security Officer, Member of CERT/CSIRT teams) can see information on the organization services in the Service page of the Dashboard
  • 24. Visualization of the Criticality of vulnerabilities
  • 25. Visualization of Vulnerabilities affecting the infrastructure
  • 26. The Risk management module Risk Management module to calculate the risk associated with the infrastructure services. The Collaborative Risk Management module: ▪ Retrieves the vulnerabilities and the related scores affecting the assets that compose the service; ▪ Calculates the individual asset risk for each asset composing the service, based on the affecting vulnerabilities, the impact and the threat level for the asset itself; ▪ Calculates the service risk starting from the assets’ individual risks.
  • 27. Visualization of Risk Associated with the Service
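
The two STIX extension approaches from slide 17 and the risk steps from slides 23 and 26, worked through as an added Python example that is not part of the FINSEC deck or code base. The `x-asset` and `x-service` types, the `x_score` property, the `composes` and `affects` relationship names and both risk formulas are assumptions made for illustration; the constructed objects carry only the properties the example reads.

```python
import uuid

# Properties STIX 2.1 defines for the two standard types used here (trimmed).
SPEC_PROPS = {
    "vulnerability": {"type", "id", "name", "description"},
    "relationship": {"type", "id", "relationship_type", "source_ref", "target_ref"},
}

def obj(type_, **props):
    """Build an object whose id follows the STIX '<type>--<UUID>' form."""
    return {"type": type_, "id": f"{type_}--{uuid.uuid4()}", **props}

def rel(kind, src, dst):
    return obj("relationship", relationship_type=kind,
               source_ref=src["id"], target_ref=dst["id"])

def build_sample():
    """Constructed sample: one service made of two assets, two vulnerabilities."""
    web = obj("x-asset", name="web-server", impact=0.8, threat_level=0.5)
    atm = obj("x-asset", name="atm-01", impact=1.0, threat_level=0.2)
    svc = obj("x-service", name="online-banking")
    # Approach 1: custom property on a standard SDO. Approach 2: custom objects above.
    v1 = obj("vulnerability", name="constructed-vuln-A", x_score=9.0)
    v2 = obj("vulnerability", name="constructed-vuln-B", x_score=4.0)
    return [web, atm, svc, v1, v2,
            rel("composes", web, svc), rel("composes", atm, svc),
            rel("affects", v1, web), rel("affects", v2, web), rel("affects", v2, atm)]

def naming_errors(objects):
    """Flag custom types without 'x-' and custom properties without 'x_'."""
    errors = []
    for o in objects:
        spec = SPEC_PROPS.get(o["type"])
        if spec is None:
            if not o["type"].startswith("x-"):
                errors.append(f"{o['id']}: custom type lacks 'x-' prefix")
        else:
            errors += [f"{o['id']}: custom property {k!r} lacks 'x_' prefix"
                       for k in o if k not in spec and not k.startswith("x_")]
    return errors

def sources(objects, kind, target_id):
    """Objects that point at target_id through a relationship of the given kind."""
    by_id = {o["id"]: o for o in objects}
    return [by_id[r["source_ref"]] for r in objects
            if r["type"] == "relationship" and r["relationship_type"] == kind
            and r["target_ref"] == target_id]

def asset_risk(objects, asset):
    """Assumed formula: worst score (0-10 scale) x impact x threat level."""
    scores = [v["x_score"] for v in sources(objects, "affects", asset["id"])]
    return round(max(scores, default=0.0) / 10 * asset["impact"] * asset["threat_level"], 2)

def service_risk(objects, service):
    """Assumed aggregation: the service is as risky as its riskiest asset."""
    assets = sources(objects, "composes", service["id"])
    return max((asset_risk(objects, a) for a in assets), default=0.0)
```

Because the relationships are explicit objects, the same traversal answers the dashboard question of which vulnerabilities affect a given service without any schema change.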