A service architecture for an enhanced Cyber Threat Intelligence capability and its value for the cyber resilience of Financial Market Infrastructures
Giuseppe Amato,
Simone Ciccarone,
Pasquale Digregorio and
Giuseppe Natalucci
Additional contact information
Giuseppe Amato: Bank of Italy
Simone Ciccarone: Bank of Italy
Pasquale Digregorio: Bank of Italy
Giuseppe Natalucci: Bank of Italy
No 43, Mercati, infrastrutture, sistemi di pagamento (Markets, Infrastructures, Payment Systems) from Bank of Italy, Directorate General for Markets and Payment System
Abstract:
In recent years, more and more organizations have been building up or enhancing their own Cyber Threat Intelligence (CTI) capability. Financial entities need to improve their own cyber resilience posture to face the ever-expanding range of money-driven or state-sponsored threat actors aiming to undermine the stability of targeted countries by compromising their financial infrastructures. At the same time, the digital transformation process and steadily growing information sharing initiatives make a huge amount of data available for CTI analysis. International committees related to Financial Market Infrastructures (FMI), via commonly agreed policies or directives, and EU institutions, through normative initiatives, are firmly committed to improving the cybersecurity posture of FMIs. To this end, one of the main lines of action is to increase information sharing among financial entities. The large number of heterogeneous information sources and the overwhelming quantity and variety of available data could have negative impacts on the efficiency of CTI activities and compromise the effectiveness of defence capabilities. Therefore, the consolidation and automation of CTI processes must be prioritized in order to improve the effectiveness and sustainability of CTI operations. However, the definition and automation of CTI processes is still at a rather immature stage: for example, well-established and vendor-neutral best practices do not yet exist. The present paper proposes a framework, developed and adopted by the Computer Emergency Response Team of Banca d’Italia (CERTBI), that integrates a taxonomy and specific processes to develop an enhanced CTI capability.
Keywords: CTI service architecture; CTI service components; information triage; intelligence case; technical investigation; security orchestration and automation
JEL-codes: F50 G20 L50 M15 O33
Date: 2023-11
New Economics Papers: this item is included in nep-pay
Downloads: (external link)
https://www.bancaditalia.it/pubblicazioni/mercati- ... 23-043/N.43-MISP.pdf (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:bdi:wpmisp:mip_043_23