INTRODUCING CERTFin


 

CERTFin (the Italian Financial CERT) is a cooperative public-private initiative aimed at increasing the capacity of cyber-risk management from banking and financial operators and the cyber-resilience of the Italian financial sector through an operational and strategic support for prevention, preparation and response to cyber-attacks and security incidents.

In line with the National Strategy and framework for the cybersecurity, CERTFin acts consistently with the whole set of institutional activities running in Italy and focused on cybersecurity and protection of critical infrastructures, further broadening the network of institutional stakeholders and of national and international experts.

CERTFin is governed by the Italian Banking Association (ABI) and the Bank of Italy, which share responsibility for appointing the organisation's chairman, and is operated by the ABI Lab Consortium. Service are offered and supplied according to a cooperative approach, thanks to the active participation of the Italian financial operators.

 

WHAT CERTFin DOES


CERTFin offers qualified services on information security for the benefit of its Constituency via the following activities: Financial Info Sharing and Analysis Center (FinISAC); Observatory on Cyber Knowledge and Security Awareness; Cyber-emergency Operating Center.

In addition, CERTFin cooperates with a large community of public and private entities and acts as a centralized hub of the financial sector in the dialogue with other strategic sectors and operators on cybersecurity topics.
 
   

Financial Info Sharing and Analysis Centre (FinISAC)

Exchange of information about threats, vulnerabilities and incidents, updates on the status and development of cyber-threats and possible countermeasures, periodic update reports, and analyses of cyber-frauds and cyber attacks.

 

 Observatory on Cyber Knowledge and Security Awareness 

Study of applicable legislation pertaining to cyber-security and IT risk, surveys and statistical analyses, planning of awareness campaigns on cyber-security issues, and participation in exercises and simulations involving the main players.

 

Cyber-Emergency Operating Centre

Analysis and coordination in response to security incidents with the aim to reinforce the internal capacities of affected member organisations in terms of technologies and/or processes. Updates and dissemination of efficient strategies based on previous experiences.

 

 

ON THE SPOTLIGHT


EMMA 3
European Money Muling Action
in coll. with Europol and Italian Police

"Secure payments"
Home banking, cards, e-commerce without risk
in coll. with ABI Servizi

 

 

WHO CAN PARTICIPATE IN CERTFin 


Participation in CERTFin is open, on a voluntary basis, to all companies in the Italian banking and financial sectors, such as payment service providers, banking and financial intermediaries, insurers, market infrastructure managers, service centres and providers of technological services relating to the payment system.


Other financial sector authorities and trade associations can also take part in CERTFin's work, by mutual agreement.

 

THE VALUE OF PARTICIPATING IN CERTFin


CERTFin gives the opportunity to the entities:

  • to enable members to share information about cyber-attacks securely and confidentially, improving the efficiency of information exchange;
  • to share types and mechanisms of fraud and incidents specific to the banking sector, from the standpoint of services, processes and technologies;
  • to support coordination in cases of cyber-incidents;
  • to develop industry-wide cyber-intelligence activity;
  • to increase situational awareness in cyber-security matters;
  • to enhance the network of institutions and cyber-experts in Italy and internationally.

 

 

HOW TO JOIN CERTFin


Participation is restricted.

Contact us:

 info@certfin.it

 (+39) 06 6767.327

 (+39) 06 6767.775