SPΗΥΝΧ

About Us

Mission

We provide customised and continuous security and privacy assessment solutions, covering the full range of socio technical aspects of modern enterprise, for internal risk management and/or external security audit and certification. Our solutions are based on our novel security assurance and certification platform and its advanced analytics and cyber intelligence.

News

Sphynx has been awarded a new project, called Smart Bear, to develop a big data platform offering evidence-based personalised support for Healthy and Independent living at home. SMART BEAR will be funded by the H2020 programme and will develop an innovative platform with off-the-shelf smart and medical devices, at TRL9, to support the healthy and independent living of elderly people with five prevalent health-related conditions; notably Hearing Loss, Cardio Vascular Diseases, Cognitive Impairments, Mental Health Issues and Balance Disorders, as well as Frailty. This will be achieved through intelligent, evidenced-based interventions on lifestyle, medically-significant risk factors, and chronic disease management, enabled by the utilisation of continuous and objective medical and environment sensing, assistive technologies and big data analytics. The platform will be validated through five large scale pilots, involving five different countries and 5.000 individuals, across Europe. The total cost of the project will be in excess of 20m Euro.

Careers

What we do: We develop customised security and privacy assurance and risk management solutions for clients. We work on several externally and internally funded R&D projects to enhance the capabilities of our products. We have a special focus in the healthcare, telecoms and energy sectors. We leverage on security analytics, big data and IoT technologies.

What we look for: Hard working, motivated, and creative thinking minds. Strong technical background in the technologies of our focus. Comprehensive interpersonal communication skills and ability to work with clients in diverse industries.

What we offer: Competitive remuneration based on experience and qualifications. Dynamic and multi cultural work environment. Exposure to cutting edge technologies. Internal training and training through secondments to our academic collaborators.

hiring

Open posts

  • Senior Software Architect: Location: Nicosia, Cyprus, Start date: 01/08/2019
  • Security Engineer: Location: Nicosia, Cyprus, Start date: 01/09/2019
  • Software Engineer: Location: Nicosia, Cyprus, Start date: 01/09/2019

If you are interested in a career in a high performing team environment, then we would like to hear from you: innovation [at] sphynx.ch

Our Products

The SPHYNX Security & Privacy Assurance Platform

Sphynx has developed a security and privacy assurance platform to enable customised and continuous assessment of the security and privacy of your enterprise and comprehensive risk management. The platform offers:

  • Hybrid security and privacy assessments that include and combine threat and vulnerability analysis, static analysis, penetration testing and continuous runtime monitoring to provide a comprehensive and multi perspective analysis of the security and privacy posture of an enterprise and its systems
  • Automated threat and vulnerability analysis
  • Interoperability with various system platforms and programmatic connectivity to different systems through appropriate probes (e.g., event captors, test tools) that enable it to obtain the monitoring and/or test evidence required for assurance and/or certification assessments
  • Sophisticated event processing capabilities that can realise complex signature or anomaly-based assessments
  • Model driven customisations to enable the realisation of different security standards and risk management requirements
  • Advanced and customisable reporting for audit purposes

The platform can be used through onsite installations or as-a-service.

The SPHYNX Analytics Platform

Sphynx has developed a platform for model driven data analytics. The platform supports batch mode and real time data stream processing, based on the use of noSql data technologies (Hive, SPARK). Key innovative features of the platform include:

  • a model driven data analytics approach in which analytics are embedded in the context of and driven by models that describe the decision making based on the evidence arising from it, and
  • the execution of trustworthy analytics (e.g., seamlessly embedded checks within the core computations of the SPARK platform Services)

Our Services

Enterprise Security Assurance

Sphynx offers customised services for enterprise security assurance. These enable our clients to set up security assessments, based on industrial and international standards (e.g., cloud, network, smart metering standards). The assessments are based and leverage on outcomes of the built in analytic capabilities of the Sphynx’s security and privacy assurance platforms as well as external tools, including threat analysis, vulnerability and penetration testing, continuous monitoring at all levels of the enterprise system implementation stack, sophisticated event processing and anomaly pattern detection. Our solutions enable the configuration of security assessment, reporting and certification to the needs of different stakeholders ranging from senior management to external auditors and regulators. Our security consultants will support you in setting up and security and privacy assurance program covering the specific needs for your enterprise, establish the connectivity required with your enterprise systems in order to obtain the evidence required for the different types of assessment, configure the reporting of the platform to your needs, and train your personnel in overseeing the assurance program using the platform.

Risk Management

Once on an enterprise security and privacy assurance program is set up with the use of the assurance platform of SPHYNX, several pre-defined risk analysis and management capabilities will become available to enable enterprise stakeholders carry out security and privacy risk management at various levels. These capabilities include, for example, technical impact and risk analysis, what-if scenarios, and valuation of risk. The available platform capabilities can be extended and customised with the help of our consultants.

Audit and Certification

Our security and privacy assurance platform supports the preparation of enterprises for audit and certification purposes. This is possible through the set up of special purpose enterprise assurance programs to address particular standards and requirements (e.g., ISO 27K, Common Criteria, GDPR). The wide range of templates that are pre-built into the platform make it possible to set such programmes up for an organisation in a pre-validated manner. Furthermore, where necessary, our consultants can help enterprises to configure the assessment and reporting capabilities of the platform in order to meet specialised standards (e.g., for medical and/or IoT devices) and/or to address particular security and privacy (including GDPR) audit and reporting requirements.

Trainingand Professional Development

We offer various training programmes on security audit and certification. These cover security standards (e.g., ISO 27K, Common Criteria), regulatory frameworks (e.g., GDPR), certification schemes and are available in two basic flavours., i.e., in a technical and a management centric frameworks. We can also set up specialised training schemes for specific organisations should that be required.

R&D Projects

Cyber Security

Cyber Security Incident Handling, Warning and Response System for the European Critical Infrastructures (CYBERSANE)

Funding source: EU Horizon 2020 Programme: 1/9/2019 – 31/8/2022

Overview: CyberSANE is aimed at developing a novel framework to improve the detection and analysis of cyber-attacks and threats on critical infrastructures and to increase the knowledge on the current cyber threat landscape. The framework will support human operators (such as Incident Response professionals) to dynamically increase preparedness, improve cooperation amongst CIIs operators, and adopt appropriate steps to manage security risks, report and handle security incidents.

Cyber security 4.0: protecting the Industrial Internet of Things (C4IoT)

Funding source: EU Horizon 2020 Programme: 1/7/2019 – 30/6/2022

Overview: C4IIoT is aimed at building and demonstrating a novel and unified IIoT cybersecurity framework for malicious and anomalous behaviour anticipation, detection, mitigation, and end-user informing. The framework provides a holistic and disruptive security-enabling solution for minimizing attack surfaces in IIoT systems, by exploiting (i) emerging security software and hardware protection mechanisms; (ii) state of the art machine and deep learning and privacy-aware analytics; (iii) novel encrypted network flow analysis; (iv) secure-by-design IIoT device fabrication; and (v) blockchain technologies, to provide a viable scheme for enabling security and accountability, preserving privacy, enabling reliability and assuring trustworthiness within IIoT applications. The C4IIoT framework will be demonstrated and validated on two carefully selected use cases in real world environments, namely Enabling security IIoT in (i) Inbound Logistics and (ii) a Smart Factory.

You can find more information at:

Resilient Transport Infrastructure to Extreme Events (RESIST)

Funding source: EU Horizon 2020 Programme: 1/6/2018 – 31/5/2021

Overview: The overall goal of RESIST is to increase the resilience of seamless transport operation to natural and man-made extreme events, protect the users of the European transport infrastructure and provide optimal information to the operators and users of the infrastructure. The project will address extreme events on critical structures, implemented in the case of bridges and tunnels attacked by all types of extreme physical, natural and man-made incidents, and cyber-attacks. Sphynx's contributions will in developing support for the security and resilience of critical infrastructures management systems against cyber-attacks.

You can find more information at:

Smart End-To-End Massive Iot Interoperability Connectivity and Security (SEMIOTICS)

Funding source: EU Horizon 2020 Programme: 1/1/2018 – 31/12/2020

Overview: SEMIoTICS aims to develop a pattern-driven framework, built upon existing IoT platforms, to enable and guarantee secure and dependable actuation and semi-autonomic behaviour in IoT applications. Patterns encode proven dependencies between security, privacy, dependability and interoperability (SPDI) properties of individual smart objects and corresponding properties of orchestrations involving them. The SEMIoTICS framework will support cross-layer intelligent dynamic adaptation, including heterogeneous smart objects, networks and clouds, addressing effective adaptation and autonomic behaviour at field (edge) and infrastructure (backend) layers based on intelligent analysis and learning.

You can find more information at:

Cyber Range

A Cyber Security Platform for Virtualised 5G cyber range services (SPIDER)

Funding source: EU Horizon 2020 Programme: 1/9/2019 – 31/8/Funding source: EU Horizon 2020 Programme: 1/7/2019 – 30/6/2022

Overview: SPIDER delivers an innovative Cyber Range as a Service platform that extends and combines the capabilities of existing telecommunication testbeds and cyber ranges into a unified facility for (i) testing new security technologies, (ii) training modern cyber defenders in near real-world conditions, and (iii) supporting organizations and relevant stakeholders in making optimal cybersecurity investment decisions. At its core, it is a highly customizable dynamic network modelling instrument that enables real-life virtualization and real-time emulation of networks and systems. This will be complemented by cyber econometric capabilities, enabling users to forecast the evolution of attacks and their associated economic impact through the application of innovative risk analysis methodologies, econometric models and real-time attack emulation.

Cyber Security Threats and Threat Actors Training - Assurance Driven, Multi Layer, End-to-End Simulation and Training (THREAT-ARREST)

Funding source: EU Horizon 2020 Programme: 1/6/2018 – 31/5/2021

Overview: THREAT-ARREST aims to develop an advanced training platform incorporating emulation, simulation, serious gaming and visualization capabilities to adequately prepare stakeholders with different types of responsibility and levels of expertise in defending high-risk cyber systems and organizations to counter advanced, known and new cyber-attacks.

You can find more information at:

Healthcare / Big data

Smart Big Data Platform to Offer Evidence-based Personalised Support for Healthy and Independent Living at Home (SMART BEAR)

Funding source: EU Horizon 2020 Programme: 1/7/2019 – 30/6/2023

Overview: SMART BEAR will develop an innovative platform with off-the-shelf smart and medical devices, at TRL9, to support the healthy and independent living of elderly people with five prevalent health-related conditions; Hearing Loss, Cardio Vascular Diseases, Cognitive Impairments, Mental Health Issues and Balance Disorders, as well as Frailty. This will be achieved through intelligent, evidenced-based interventions on lifestyle, medically-significant risk factors, and chronic disease management, enabled by the utilisation of continuous and objective medical and environment sensing, assistive technologies and big data analytics. The platform will be validated through five large scale pilots, involving five different countries and 5.000 individuals.

HOLOgrams for personalised virtual coaching and motivation in an ageing population with BALANCE disorders (HOLOBALANCE)

Funding source: EU Horizon 2020 Programme: 1/12/2017 – 30/11/2020

Overview: The overall objective of HOLOBALANCE is to develop and validate a new personalized hologram coach platform for virtual coaching, motivation and empowerment of the ageing population with balance disorders. The coaching part will be realised by holograms and augmented reality games, along with easy to use sensors (smart bracelet, smart glasses, sensorized soles) that can be customized to implement and coach the user with specific, individualized exercises, offering new forms of accessible user interaction. Sphynx Technology Solutions is responsible for the security and privacy of the platform.

You can find more information at:

Novel architectures

Biologically Inspired Complex Software System Reconstruction at Near Extinction States (BIO_PHOENIX)

Funding source: EU Horizon 2020 Programme (MCSA-RISE): 1/7/2019 – 30/6/2022

Overview: Bio-Phoenix aims to develop a bio-inspired paradigm for reconstructing nearly extinct complex software systems based on a novel computational DNA (co-DNA) oriented systems modelling approach. The co-DNA will encapsulate logic and program code and will enable the use of analogues of biological processes for transmitting, transforming, combining, activating and deactivating it across computational and communication devices. The purpose of encoding the co- DNA of a system, and computational analogues of biological processes using it, is to enable other computational devices receiving the co-DNA to act as parts of the system that needs to be reconstructed, realise its functionality, and spread further the system reconstruction process.

You can find more information at:

Contact Us

Headquarters, Switzerland

Chollerstrasse 35, Zug, 6300, Switzerland

Innovation, Cyrpus

205B, Nicosia Business Centre, 33 Neas Engomis, Nicosia 2409, Cyprus