The cybersecurity landscape is evolving, with new and advanced threats emerging
on a daily basis.
Data breaches are a particularly costly type of cyber attack, with each data
breach costing companies worldwide an average of $3.86 million
The financial services sector is a lucrative target for cyber attackers, given
the high value and growing sensitivity around financial data. Banks have been
the target of 47% [https://purplesec.us/resources/cyber-security-statistics/] of
financial data breaches, with the banking industry experiencing a 1,318%
year-on-year increase in ransomware attacks in the first half of this year. It
comes as no surprise that cyber attacks pose the biggest threat to banks in
Switzerland, with annual costs exceeding $18 million in 2018.
Aside from the financial services sector, other industries that maintain
sensitive and restricted data are also vulnerable to cyber threats, such as
healthcare. Notable cyber-attacks in 2021 alone include the SolarWinds
breach, DDoS attack on New Zealand's financial institutions and its national
, ransomware cyberattack on Ireland's Health Services (HSE)
Why has existing cyber defence been so ineffective?
Most organizations continue to rely on their own security teams to defend their
networks and infrastructure in isolation. However, with the growing and evolving
threat of cyber-attacks, relying on one’s own cybersecurity data is no longer
enough for an organization to effectively defend against the latest cyber
While some organizations might want to collaborate on their cyber defence,
cybersecurity data, such as incidents, vulnerabilities and attacks, are usually
extremely sensitive, confidential and thus restricted in how it can be used.
Organizations are very reluctant to share these sensitive and restricted data
with their partners or other companies in their industry. But this reluctance
results in organizations not knowing if others are or have been affected by the
This siloed approach has also contributed to the lengthy period an organization
needs to identify data breaches, at an average of 191 days
[https://purplesec.us/resources/cyber-security-statistics/]. As such, today’s
cyber defence is failing and no longer effective.
How can organizations securely collaborate on cyber defence today?
There are currently different ways that organizations can leverage to enhance
their cybersecurity with collaborative cyber defence. We divide them into four
1. Trusted third parties
Trusted third parties act as intermediaries that confidentially manage and
analyze data from multiple organizations, before sharing individual insights and
results with the respective participants.
✔ No technological investment required
✗ Need to trust the third party and the security of their infrastructure
✗ Trusted third party has access to raw, granular data
✗ Need to remove or mask the most sensitive and valuable data
✗ Long project timeline and inflexible scope
2. Software-based encryption techniques
Secure Multiparty Computation (SMPC) and Fully Homomorphic Encryption (FHE) are
based on advanced cryptography that ensures data always remains encrypted and
that no third party is able to see the data even while performing computations
✔ Guarantees are based on mathematical encryption
✔ No need to trust any single party
✔ No hardware-dependency
✔ No one has access to the data
✗ High development and deployment costs
✗ Low scalability
✗ Complex implementation
✗ Need very specialized skillset to audit
✗ Orders of magnitude slower than native computation speed
Pseudonymization ensures that raw data that is identifiable to a person is
replaced by pseudonyms or fictional yet realistic data, thus preserving the
confidentiality of individuals' data. Pseudonymized data can then be analyzed
and insights generated while maintaining data privacy.
✔ Protects data in-use
✔ Reduce risk of identification due to data breach or loss
✔ Facilitate analysis beyond the initial collection purposes
✔ Data minimization
✗ Pseudonymized data is not anonymous, meaning that such data can still be
re-identified if combined with other data.
4. Confidential Computing
With confidential computing, the secure enclave-based encryption in-use
technology, data is encrypted during computation and analysis, while only
aggregated results are generated, thus ensuring that the data's confidentiality
is never compromised.
✔ Data encryption in-use
✔ No one can see the data, not even the platform or cloud provider
✔ Data owners retain full control of their data
✔ Fast computation speed
✔ No communication overhead
✔ High scalability
✔ Easy to audit
✗ Need to trust that Intel/AMD and infrastructure owner won’t collude
✗ Requires specific processor version, which however is deployed on every major
Decentriq's data clean rooms
While each of the categories above has their benefits and drawbacks, we at
Decentriq opted to go with confidential computing technology to power our data
clean rooms [/what-are-data-clean-rooms-and-how-to-pick-the-right-one-for-you/].
This provides your organization with the following benefits:
✔On-demand: Decentriq is a SaaS platform that is ready for enterprise use,
creating a data clean room takes minutes and requires no set up.
✔Cost effective: Our data clean rooms are cheaper to set up, maintain and audit
compared to complex cryptography.
✔Proven: Confidential computing technology is already trusted by multiple
healthcare institutions, finance organizations, and public entities.
✔High performance: Our technology is scalable and performs at near native speed
for all analytics applications, from SQL to custom Python models.
How can organizations join forces in Decentriq's data clean rooms to fortify
Leveraging the benefits of confidential computing, multiple organizations can
collaborate on their confidential cybersecurity data, for example by securely
connecting similar monitoring data via API in Decentriq's data clean room.
This allows participants to retain full control and privacy of their individual
data, while being able to:
1. Better anticipate and identify future cyber attacks
With collective insights, organizations can expand the range of available
intelligence, which will provide better threat analyses and predictions. This
allows organizations to be better prepared and also implement better preventive
2. Improve robustness of incident response plans
With more insight and deeper understanding of a larger volume of past cyber
attacks, organizations refine and enhance their incident response plans to
better cater to a wider range of threats. Organizations can also collaborate on
coordinated responses to similar threats they face.
3. Reduce cybersecurity costs
As organizations work with a larger dataset - without having to expose their own
data or access their fellow participants' data - and potentially coordinate
their responses, they can be more efficient with their cybersecurity spending.
Join forces with your cybersecurity data and fortify your cyber defences today
With the evolving and looming threat of cyber attacks, organizations and their
most sensitive and valuable data are increasingly vulnerable to data breaches.
Organizations need to come together to strengthen the cyber defences of their
industry, and even beyond. A more secure landscape overall can also contribute
to the cybersecurity of each individual organization.
We are already working with multiple stakeholders such as the Swiss Army
[/decentriq-wins-armasuisse-cyber-startup-challenge-2021/] on combining forces
to bolster nations’ and companies’ defences.
> The startup Decentriq is the finalist in the second «Cyber Startup Challenge» of
the DDPS. The company was able to impress the jury at the Cyber Defence Campus
Conference with its innovative data sharing and protection platform.
Reach out to us [https://www.decentriq.com/request/demo] for a quick discussion
on how you could collaborate on sensitive cybersecurity data previously not