INTRODUCING CERTFin

CERTFin (the Italian Financial CERT) is a cooperative public-private initiative aimed at increasing the capacity of cyber-risk management from banking and financial operators and the cyber-resilience of the Italian financial system through an operational and strategic support for prevention, preparation and response to cyber-attacks and security incidents.

In line with the National Strategy and framework for the cybersecurity, CERTFin acts consistently with the whole set of institutional activities running in Italy and focussed on cybersecurity and protection of critical infrastructures, further broadening the network of institutional stakeholders and of national and international experts.

CERTFin is governed by the Italian Banking Association (ABI) and the Bank of Italy, which share responsibility for appointing the organisation's chairman, and is operated by the ABI Lab Consortium. Service are offered and supplied according to a cooperative approach, thanks to the active participation of the Italian financial operators.

 

 

WHO CAN PARTECIPATE IN CERTFin 

Participation in CERTFin is open, on a voluntary basis, to all companies in the Italian banking and financial sectors, such as payment service providers, banking and financial intermediaries, insurers, market infrastructure managers, service centres and providers of technological services relating to the payment system.

Other financial sector authorities and trade associations can also take part in CERTFin's work, by mutual agreement.

 

 

 

WHAT CERTFin DOES

CERTFin offers and proposes qualified services on information security topics to the benefit of its Constituency via the following activities: Financial Info Sharing and Analysis Center (FinISAC); Observatory on Cyber Knowledge and Security Awareness; Cyber-emergency Operating Center.

Moreover, CERTFin cooperates with a large community of public and private entities and acts as a centralized hub of the financial sector in the dialogue with other strategic sectors and operators on cybersecurity topics.
 
   

Financial Info Sharing and Analysis Centre (FinISAC)

Systematic exchange of information about threats, vulnerabilities and incidents, updates regarding the status and development of cyber-threats and the possible countermeasures to take, periodic update reports, and analyses of cyber-frauds and cyber attacks.

 

 Observatory on Cyber Knowledge and Security Awareness 

Study of applicable legislation pertaining to cyber-security and IT risk, surveys and statistical analyses, planning of awareness-raising campaigns on cyber-security issues, and participation in exercises and simulations involving the main players.

 

Cyber-Emergency Operating Centre

Analysis and coordination in response to incidents, artefacts and security vulnerabilities, aimed at reinforcing the internal capacities of affected member organisations at the level of technologies and/or processes and updates and dissemination at the industry level of the most appropriate strategies in response, on the basis of lessons learned.

 

 

THE VALUE OF PARTICIPATING IN CERTFin

     
 

CERTFin will allow the banking and financial sector:

  • to enable members to exchange information about cyber-attacks securely and confidentially, under coordination by common procedures, and thus to improve the punctuality of the exchange of information;
  • to share types and mechanisms of fraud and incidents specific to the banking sector, from the standpoint of services, processes and technologies;
  • to support coordination in cases of cyber-incidents;
  • to develop industry-wide cyber-intelligence activity;
  • to increase situational awareness in cyber-security matters;
  • to enhance the network of institutions and cyber-experts in Italy and internationally.

 

 

HOW TO JOIN CERTFin

 

Participation is restricted.

Contact us:

 info@certfin.it

 +39 06 6767 327

 +39 06 6767 775