The security measures and technology employed in small financial organizations is often not of top priority due to high costs. This in combination with the lack of in-house knowledge lead small financial organizations to low awareness of their security risks. As a result, many of these SMEs are not well protected and their infrastructure may be used by attackers as an entry point to the large financial institutions they cooperate with as they talso end to outsource security issues to their network administrator or a dedicated managed security service provider (Figure 1).
As a solution to this problem the FINSEC platform is able to offer SECaaS as an automated security service provider dedicated for small financial organizations. We foresee that through this solution we will assist SMEs to achieve cost-reduction based on the deployment of the SECaaS model as well as the timely prevention of attacks against connected infrastructure (using the SMEs infrastructures as entry point).
As illustrated in Figure 2, the SECaaS employs the tools and services of the FINSEC platform such as the SIEM, Risk Assessment Engine and Vulnerability Assessment such that it can generated generate corresponding x-event and observed-data FINSTIX object and thus if needed, raise alarms and display warnings on the dashboard.