The digital transformation of society has created many opportunities for EU citizens and companies. At the same time, new risk and threat scenarios are emerging, with severe consequences for our economies and societies.
The financial sector is one of the most targeted, because of the financial gain on offer, the quantity of personal and sensitive information it manages, and its role as critical infrastructure in the global economy. Moreover, in a digital financial ecosystem where all actors are deeply interconnected, the cyber resilience of a single entity depends not only on its own readiness, but also on that of its service providers and operators and, ultimately, on that of the financial sector as a whole.
Several regulatory bodies are converging towards a threat-informed, or intelligence-led, testing framework for assessing cyber-risk exposure and resilience. An intelligence-led framework goes beyond a generic simulated cyber-attack: the scenarios used to test a bank's exposure and resilience are derived from intelligence on the threat actors and techniques that actually target it.
Such frameworks also stress-test, and thereby improve, the coordination and communication procedures that operators and Authorities must activate in case of a cyber incident.
In February 2018, ABI Lab was awarded by the European Commission the research project Readiness Enhancement to Defend Financial Sector (REDFin), whose goal is to increase the level of cyber resilience of the Italian financial sector. The REDFin initiative was set up in response to the CEF Telecom Call 2017 (CEF-TC-2017-2: Cyber Security), which aims to support national/governmental CERTs/CSIRTs in creating, maintaining or expanding the capacities needed to reach a state of preparedness.
The project will introduce a new approach, providing concrete testing and simulation models that enhance the sector's capability to prevent and respond to cyber-attacks, and supplying new inputs to the EU institutions.
Moreover, the lessons learned from this project should feed the European debate and inform national and European policy makers about both the value and the open issues of cyber security exercises, together with possible responses.
The REDFin project aims at increasing the capabilities of CERTFin and its levels of readiness and awareness through:
- adoption of a new and advanced Threat Scenario Identification methodology, able to gather financial-sector-specific information and identify concrete, realistic cyber risk scenarios to be used in exercises
- exploitation of the feeds and results gathered by applying the methodology, to identify potential attack points across financial institutions and develop the realistic threat scenarios to be used during exercises
- elaboration of a consistent plan of Cyber Table-Top and Red Teaming exercises, based on the developed threat scenarios and coherent with the pillars and strategic decisions of the Eurosystem's cyber resilience strategy
- sharing of knowledge with the constituency, to prepare CERTFin operators for the execution and management of Cyber Table-Top and Red Teaming exercises
BENEFITS FOR FINANCIAL INSTITUTIONS:
- Increase coordination and response capacity through exercises and simulations
- Improve collaboration and information sharing among banks, LEAs and regulatory bodies within the CERTFin constituency
- Improve the quality of staff training through a better understanding of threat scenarios
- Verify the effectiveness of the detection and response processes in place
- Increase their own level of readiness and cyber resilience
- Build a common knowledge base (framework) within the financial sector
Finally, REDFin will raise awareness of the action's findings among local and EU stakeholders and encourage the adoption of the project's recommendations on common strategies and tools to fight cyber crime.
PROJECT ACTIVITIES AND OUTPUTS:
1. Project Management
• Project Plan
• Data Management Plan
• Kick-off meeting
• Business sustainability model
• Final technical report
2. Analysis of cyber tabletop and red teaming exercises
• Report describing the current context of cyber exercises in the banking sector in Europe
3. Methodologies and operating models for the identification of threat scenarios and for cyber tabletop and red teaming
• Threat Scenario Identification methodology/operating model
• Cyber Tabletop methodology/operating model
• Red Teaming methodology/operating model
4. Identification of cyber threat scenarios
• Threat Scenario development report
5. Execution of cyber tabletop and red teaming exercises
• Cyber Tabletop exercise result report
• Cyber Tabletop lessons learnt analysis report
• Red Teaming results report
• Red Teaming lessons learnt analysis report
• Final presentation of project results, brochure and publications
- - - - - - - - - -
REDFin Project n° 2017-IT-IA-0100 is co-financed by the European Union's Connecting Europe Facility (CEF) TELECOMMUNICATIONS SECTOR GRANT AGREEMENT N° INEA/CEF/ICT/A2017/1528669
- - - - - - - - - -
The sole responsibility of this publication lies with the author.
The European Union and the Agency (INEA) are not responsible for any use that may be made of the information contained therein.