Consob and the Bank of Italy have agreed on a common strategy for the strengthening of the cyber security of the Italian financial sector through specific measures related to financial infrastructures: payment systems, central counterparties, central depositories and securities trading venues.
By the recognition of the value of a cooperative and synergic approach, the strategy aims to fight the cyber threats related to the development of both new technologies and the digital economy, increasing the protection of both the financial operators and the digital services offered to citizens, business and public administration, as well as to ensure the reliability of the financial system as a whole.
The joint action plan covers several areas of intervention: regulation and supervision, public-private cooperation, training and development of awareness on cyber risks.
In particular, Consob and the Bank of Italy will make use of cyber risk assessment tools already adopted in the Eurosystem framework, such as Cyber Resilience Oversight Expectations for Financial Market Infrastructures (CROE), a methodology for cyber risk supervision. Consob and the Bank of Italy will also develop TIBER-IT, a model for the deployment of tests, resulting from the European framework of Threat Intelligence-Based Ethical Red Teaming (TIBER-EU), also evaluating its scope, methods and timing of application to the various financial entities, according to a gradual principle taking into account the preparation level of the operators.