Periodic Reporting for period 2 - SOTER (cyberSecurity Optimization and Training for Enhanced Resilience in finance)
Berichtszeitraum: 2020-09-01 bis 2022-02-28
SOTER has created a comprehensive set of tools that will act as a transformative process of the finance sector, helping their players to increase the cybersecurity level of this critical sector, as one of the key threats to deal with nowadays. SOTER has addressed this issue under a holistic approach, tackling different aspects linked to it, both from the technological perspective and the human factor. In particular, SOTER’s main results are, on the one hand, a cyber secure, complete and robust Digital Onboarding Platform (DOP) that provides a sovereign digital identity through the use of blockchain technology, and facilitates the interconnection between different services, providers and users, and on the other, a cybersecurity training and assessment based on human factor considerations, focused on providing useful tools and actions to help key players in the finance sector to improve their skills and awareness towards cybersecurity issues.
Desk research on cybersecurity competences has been carried out for determining the current best practices, the legal context and cybersecurity considerations. This has provided a starting point and orientation for the cybersecurity trainings. It specifically focuses on the human factor in cybersecurity. SOTER has also explored how companies can increase their cyber resilience and promote the long-term development of a cybersecurity culture.
Since the very beginning, the project has set up its dissemination and communication activities, including a website, social media accounts, printed materials, articles, short videos, and regular newsletters in order to engage stakeholders and promote the project’s activities and results. SOTER has also worked in collaboration with other H2020 projects tackling cybersecurity in order to better understand and tackle cybersecurity issues together. The projects co-organised a number of workshops and public-facing events to better engage stakeholders in the field and to exchange knowledge, lessons learned and best practices on cybersecurity and regulatory standards with a focus on the financial sector.
To complement the technological development, SOTER has engaged with the finance sector to research human factor-based cybersecurity, through social science and humanities-based research. SOTER has sought to further the existing knowledge by combining three complementary strands of research – the first is a combination of desk-based research and an evidence-led qualitative enquiry with both a dedicated end-user and sectoral partners from the fintech community, to see if existing theory and practice are congruent. This strand of the SOTER project has investigated specific aspects of human factor-based cybersecurity, namely incidents, threats and vulnerabilities related to 1) Error, malpractice, and misjudgement 2) Malevolent actors, and 3) Legal and ethical threats. The second strand of research has developed a suite of training materials to be released under open licences, with the goal of increasing cybersecurity resilience across the sector. The developed training materials are based on a comprehensive Cybersecurity Competence Catalogue informed by the industry, that clearly outlines which cybersecurity, information security, and information technology related competences are required by employees of financial services organisations to be cyber-resilient. The overarching goal of the SOTER social sciences based research is to ensure that the finance sector is furthermore protected from ever-increasingly complex threats in regard to the human factor in an ethical and trustful manner, taking into account, not only organisational integrity, but also the individual integrity of all employees involved.