3 min read

DeNexus Trusted Ecosystem: Data Security Foundation for CRQM

Featured Image

'DeNexus Trusted Ecosystem: Data Security Foundation for Cyber Risk Quantification and Management' is a new blog written by DeNexus' Chief Technology Officer, Alessandro Nepoti.

Dealing with cyber data is very delicate. And even more when we talk about highly sensitive data from physical critical infrastructures, the backbone of our digital civilization.

This data is valuable not only for the owners of the physical critical infrastructures what is my cyber posture and risk? - and for insurers – what is the risk profile I’m evaluating? -. It is also valuable for cyber attackers – where are the vulnerabilities that I can exploit?where vulnerabilities are not protected with controls? -.

Here, a well-structured, data-trusted ecosystem forms the foundation for effective risk quantification in DeNexus. The DeNexus Trusted Ecosystem allows for a secure way to preserve the information and its integrity, and to share it with the different stakeholders in the cyber risk management and transfer chain. From asset/risk owners to risk managers, cybersecurity practitioners, underwriters, reinsurers and alternative capital providers, Insurance Linked Securities (ILS) investors and funds.



DeNexus and our customers rely on data to make critical decisions, and this reliance has led to the need for a robust data ecosystem. The DeNexus Trusted Ecosystem is built on a foundation of robust standards procedures encompassing data collection, storage, analysis, and sharing, creating a framework of interconnected components. Ensuring trust within these ecosystems is a matter of ethical responsibility and a technical challenge.

Data Governance:  The governance implemented in the DeNexus Trusted Ecosystem defines how to manage data throughout its lifecycle. This includes data lineage, encryption, retention policies, data archival, and data disposal procedures to minimize the risk of data leaks or unauthorized access to data.

Data Encryption:   With multi-key encryption, a robust security measure involving multiple encryption keys to protect data, the DeNexus Trusted Ecosystem encrypts data at rest and in transit using different keys. Even if one key is compromised, the data remains secure because attackers need access to all keys to decrypt it. 

 With multi-key encryption, DeNexus and its customers have control over their encryption keys, ensuring that data sovereignty remains within their jurisdiction and under their control.

Data Lineage:  To track and visualize data as it moves through various processes and systems within the organization, a data lineage is implemented to provide a comprehensive record of where data originates, how it is transformed, and where it is ultimately consumed.

This transparency is invaluable for building trust in data, as it allows DeNexus and his stakeholders to understand data's journey from source to destination clearly.

 Data lineage provides transparency and accountability, while multi-key encryption safeguards data, enabling organizations to build trust with stakeholders and comply with data protection regulations. By incorporating these practices into DTE, DeNexus can foster a data trust and security culture in an increasingly data-centric world.

Access Control:  Controlling who can access what data is crucial. Role-based access control (RBAC) and attribute-based access control (ABAC) are methods used to grant permissions based on predefined roles or attributes. Implementing fine-grained access control the DeNexus Trusted Ecosystem ensures that only authorized individuals or systems can access specific data, reducing the risk of data breaches.

Data Integrity:  The DeNexus Trusted Ecosystem must maintain data quality and integrity. Data validation checks, checksums, and data profiling tools ensure data accuracy, consistency, and reliability. Monitoring data access and changes is essential for maintaining trust. The DeNexus Trusted Ecosystem implements comprehensive data auditing and monitoring systems that allow for real-time detection of suspicious activities.

Secure Data Sharing:  Sharing data across organizational boundaries is often necessary. The DeNexus Trusted Ecosystemimplements secure data sharing mechanisms through APIs with OAuth2 authentication, that ensures that data is shared only with authorized parties and maintains confidentiality during transit.

Data Security:  Technical failures and disasters can disrupt data ecosystems. Robust disaster recovery and backup strategies, including off-site backups and automated failover mechanisms to ensure data availability and integrity.

Technical measures alone are not enough. Training and raising awareness among DeNexus’ employees about data security best practices is essential. Robust standards and procedures, along with SOC2 Type 2 Certification, play a pivotal role in establishing and maintaining trust.

In conclusion, the DeNexus Trusted Ecosystem is a combination of technical measures and organizational commitment that secures the efficient and safe collection, storage and transfer of highly sensitive cyber data from physical critical infrastructures.

By adhering to these best practices, DeNexus can not only safeguard their data but also enhance their reputation and credibility as data custodian in an increasingly data-conscious world.


Click Here to read more about the DeNexus Knowledge Center and the DeNexus Trusted EcoSystem.

Click Here to learn more about DeRISK, a comprehensive Cyber Risk Quantification and Management platform!


See the Dashboard and Access The DeRISK Platform! 


Cyber Risk Quantification and Management for Natural Gas Production

'CRQM for Natural Gas Production' is written by DeNexus' Director of OT Cybersecurity,  Donovan Tindill

Read More

Cyber Risk Quantification and Management for Electric Power Generation Systems

'Cyber Risk Quantification and Management for Electric Power Generation Systems' is written by DeNexus' Director of Cybersecurity,  Juan Carlos...

Read More

Cyber Risk Quantification and Management for Electric Transmission & Distribution Systems

'CRQM in Electric Transmission and Distribution Systems' is written by DeNexus' Director of Cybersecurity,  Juan Carlos Cortinas

Read More