We provide customised and continuous security and privacy assessment solutions, covering the full range of socio technical aspects of modern enterprise, for internal risk management and/or external security audit and certification. Our solutions are based on our novel security assurance and certification platform and its advanced analytics and cyber intelligence.
Sphynx has been awarded a new project, called Smart Bear, to develop a big data platform offering evidence-based personalised support for Healthy and Independent living at home. SMART BEAR will be funded by the H2020 programme and will develop an innovative platform with off-the-shelf smart and medical devices, at TRL9, to support the healthy and independent living of elderly people with five prevalent health-related conditions; notably Hearing Loss, Cardio Vascular Diseases, Cognitive Impairments, Mental Health Issues and Balance Disorders, as well as Frailty. This will be achieved through intelligent, evidenced-based interventions on lifestyle, medically-significant risk factors, and chronic disease management, enabled by the utilisation of continuous and objective medical and environment sensing, assistive technologies and big data analytics. The platform will be validated through five large scale pilots, involving five different countries and 5.000 individuals, across Europe. The total cost of the project will be in excess of 20m Euro.
What we do: We develop customised security and privacy assurance and risk management solutions for clients. We work on several externally and internally funded R&D projects to enhance the capabilities of our products. We have a special focus in the healthcare, telecoms and energy sectors. We leverage on security analytics, big data and IoT technologies.
What we look for: Hard working, motivated, and creative thinking minds. Strong technical background in the technologies of our focus. Comprehensive interpersonal communication skills and ability to work with clients in diverse industries.
What we offer: Competitive remuneration based on experience and qualifications. Dynamic and multi cultural work environment. Exposure to cutting edge technologies. Internal training and training through secondments to our academic collaborators.
If you are interested in a career in a high performing team environment, then we would like to hear from you: innovation [at] sphynx.ch
Sphynx has developed a security and privacy assurance platform to enable customised and continuous assessment of the security and privacy of your enterprise and comprehensive risk management. The platform offers:
The platform can be used through onsite installations or as-a-service.
Sphynx has developed a platform for model driven data analytics. The platform supports batch mode and real time data stream processing, based on the use of noSql data technologies (Hive, SPARK). Key innovative features of the platform include:
Sphynx offers customised services for enterprise security assurance. These enable our clients to set up security assessments, based on industrial and international standards (e.g., cloud, network, smart metering standards). The assessments are based and leverage on outcomes of the built in analytic capabilities of the Sphynx’s security and privacy assurance platforms as well as external tools, including threat analysis, vulnerability and penetration testing, continuous monitoring at all levels of the enterprise system implementation stack, sophisticated event processing and anomaly pattern detection. Our solutions enable the configuration of security assessment, reporting and certification to the needs of different stakeholders ranging from senior management to external auditors and regulators. Our security consultants will support you in setting up and security and privacy assurance program covering the specific needs for your enterprise, establish the connectivity required with your enterprise systems in order to obtain the evidence required for the different types of assessment, configure the reporting of the platform to your needs, and train your personnel in overseeing the assurance program using the platform.
Once on an enterprise security and privacy assurance program is set up with the use of the assurance platform of SPHYNX, several pre-defined risk analysis and management capabilities will become available to enable enterprise stakeholders carry out security and privacy risk management at various levels. These capabilities include, for example, technical impact and risk analysis, what-if scenarios, and valuation of risk. The available platform capabilities can be extended and customised with the help of our consultants.
Our security and privacy assurance platform supports the preparation of enterprises for audit and certification purposes. This is possible through the set up of special purpose enterprise assurance programs to address particular standards and requirements (e.g., ISO 27K, Common Criteria, GDPR). The wide range of templates that are pre-built into the platform make it possible to set such programmes up for an organisation in a pre-validated manner. Furthermore, where necessary, our consultants can help enterprises to configure the assessment and reporting capabilities of the platform in order to meet specialised standards (e.g., for medical and/or IoT devices) and/or to address particular security and privacy (including GDPR) audit and reporting requirements.
We offer various training programmes on security audit and certification. These cover security standards (e.g., ISO 27K, Common Criteria), regulatory frameworks (e.g., GDPR), certification schemes and are available in two basic flavours., i.e., in a technical and a management centric frameworks. We can also set up specialised training schemes for specific organisations should that be required.
Overview: CyberSANE is aimed at developing a novel framework to improve the detection and analysis of cyber-attacks and threats on critical infrastructures and to increase the knowledge on the current cyber threat landscape. The framework will support human operators (such as Incident Response professionals) to dynamically increase preparedness, improve cooperation amongst CIIs operators, and adopt appropriate steps to manage security risks, report and handle security incidents.
Overview: C4IIoT is aimed at building and demonstrating a novel and unified IIoT cybersecurity framework for malicious and anomalous behaviour anticipation, detection, mitigation, and end-user informing. The framework provides a holistic and disruptive security-enabling solution for minimizing attack surfaces in IIoT systems, by exploiting (i) emerging security software and hardware protection mechanisms; (ii) state of the art machine and deep learning and privacy-aware analytics; (iii) novel encrypted network flow analysis; (iv) secure-by-design IIoT device fabrication; and (v) blockchain technologies, to provide a viable scheme for enabling security and accountability, preserving privacy, enabling reliability and assuring trustworthiness within IIoT applications. The C4IIoT framework will be demonstrated and validated on two carefully selected use cases in real world environments, namely Enabling security IIoT in (i) Inbound Logistics and (ii) a Smart Factory.
Overview: The overall goal of RESIST is to increase the resilience of seamless transport operation to natural and man-made extreme events, protect the users of the European transport infrastructure and provide optimal information to the operators and users of the infrastructure. The project will address extreme events on critical structures, implemented in the case of bridges and tunnels attacked by all types of extreme physical, natural and man-made incidents, and cyber-attacks. Sphynx's contributions will in developing support for the security and resilience of critical infrastructures management systems against cyber-attacks.
Overview: SEMIoTICS aims to develop a pattern-driven framework, built upon existing IoT platforms, to enable and guarantee secure and dependable actuation and semi-autonomic behaviour in IoT applications. Patterns encode proven dependencies between security, privacy, dependability and interoperability (SPDI) properties of individual smart objects and corresponding properties of orchestrations involving them. The SEMIoTICS framework will support cross-layer intelligent dynamic adaptation, including heterogeneous smart objects, networks and clouds, addressing effective adaptation and autonomic behaviour at field (edge) and infrastructure (backend) layers based on intelligent analysis and learning.
Overview: SPIDER delivers an innovative Cyber Range as a Service platform that extends and combines the capabilities of existing telecommunication testbeds and cyber ranges into a unified facility for (i) testing new security technologies, (ii) training modern cyber defenders in near real-world conditions, and (iii) supporting organizations and relevant stakeholders in making optimal cybersecurity investment decisions. At its core, it is a highly customizable dynamic network modelling instrument that enables real-life virtualization and real-time emulation of networks and systems. This will be complemented by cyber econometric capabilities, enabling users to forecast the evolution of attacks and their associated economic impact through the application of innovative risk analysis methodologies, econometric models and real-time attack emulation.
Overview: THREAT-ARREST aims to develop an advanced training platform incorporating emulation, simulation, serious gaming and visualization capabilities to adequately prepare stakeholders with different types of responsibility and levels of expertise in defending high-risk cyber systems and organizations to counter advanced, known and new cyber-attacks.
Overview: SMART BEAR will develop an innovative platform with off-the-shelf smart and medical devices, at TRL9, to support the healthy and independent living of elderly people with five prevalent health-related conditions; Hearing Loss, Cardio Vascular Diseases, Cognitive Impairments, Mental Health Issues and Balance Disorders, as well as Frailty. This will be achieved through intelligent, evidenced-based interventions on lifestyle, medically-significant risk factors, and chronic disease management, enabled by the utilisation of continuous and objective medical and environment sensing, assistive technologies and big data analytics. The platform will be validated through five large scale pilots, involving five different countries and 5.000 individuals.
Overview: The overall objective of HOLOBALANCE is to develop and validate a new personalized hologram coach platform for virtual coaching, motivation and empowerment of the ageing population with balance disorders. The coaching part will be realised by holograms and augmented reality games, along with easy to use sensors (smart bracelet, smart glasses, sensorized soles) that can be customized to implement and coach the user with specific, individualized exercises, offering new forms of accessible user interaction. Sphynx Technology Solutions is responsible for the security and privacy of the platform.
Overview: Bio-Phoenix aims to develop a bio-inspired paradigm for reconstructing nearly extinct complex software systems based on a novel computational DNA (co-DNA) oriented systems modelling approach. The co-DNA will encapsulate logic and program code and will enable the use of analogues of biological processes for transmitting, transforming, combining, activating and deactivating it across computational and communication devices. The purpose of encoding the co- DNA of a system, and computational analogues of biological processes using it, is to enable other computational devices receiving the co-DNA to act as parts of the system that needs to be reconstructed, realise its functionality, and spread further the system reconstruction process.