in the Italian financial system in terms of Cyber Risk and Cyber Resilience.

About us

CERTFin – CERT Finanziario Italiano is a public-private cooperative initiative aimed at increasing the cyber risk management capacity of financial operators and the cyber resilience of the Italian financial system through operational and strategic support activities for prevention, preparation and response to cyber attacks and security incidents.

CERTFin performs its activities in line with the national strategy and with other country-wide institutional initiatives relating to cybersecurity and the protection of critical infrastructure, helping to further develop the national and international network of institutional partners and experts.

CERTFin activities are developed on a cooperative basis for the benefit of all participating financial institutions.

Objectives

  • Create a Single Point of Contact (PoC) for the financial sector
  • Promote public-private and intersectoral cooperation
  • Foster the exchange of information on incidents, cyber threats, vulnerabilities, and lessons learned
  • Study specific cyber events and assess their impact on the system
  • Support incident response and the crisis management process (CODISE)
  • Establish guidelines, methodologies, practices and tools to manage cyber risk
  • Promote awareness and security culture (training / education)
  • Develop international cooperation

Governance and organisation

CERTFin, jointly led by the Bank of Italy and ABI (Italian Banking Association) is operated by ABI Lab under the guidance of a Strategic Committee whose task is to set out policies and lines of development, and a Steering Committee, in charge of defining and overseeing the operational and economic management. Within the Strategic Committee, the insurance sector is represented by IVASS and ANIA, while Consob speaks for the financial sector.

placeholder

              

Strategic Committee

directs CERTFin management policies and defines the lines of development for the sector in view of the evolving threat of frauds and cyber attacks.

Steering Committee

defines the operational management of services offered to members and provides the Strategic Committee with an overall view of unfolding events, their impact on the industry and of the effective measures to be taken both collectively and by individual banks.

Operational Management

coordinates operational activities and the development of CERTFin.

Virtual team

some CERTFin members contribute their own resources to the institution's activities through participation in the virtual team under the decentralised "campus" organisational model, which provides:

  • central coordination by Operations Management
  • the virtual team’s contribution to the activities

Certifications

        



RFC 2350

This document contains a description of CERTFin, its functions and contact information, using the format provided by RFC 2350:

Download