Fill out the form to stay updated on ecosystem innovation topics, activities and opportunities Cetif
More than 30,000 professionals make up the ecosystem of Cetif: we facilitate the meeting and exchange between banks, insurers and companies in an academic Center, competent and independent environment to share knowledge, experience and strategies on the most innovative drivers of change.
16 Research Hubs focused on dynamics of strategic evolution, regulatory updates, organizational and process practices, and the effects of digitization: we study innovation trends and best practices and share them with our communities.
Over 60 events including Main events (Workshop and Summit) and Community events (related to research activities) and Webinar: we bring together banks, insurance companies and businesses for shared growth on trends and challenges to outline innovative development strategies.
More than 40 Executive Education tracks, 4 Master's programs and numerous Company Specific Programs: we transfer innovative financial-oriented content with a scientific approach.
An experimental spin off combining academic research and entrepreneurial approach: we turn innovation and digitization into a concrete business advantage.
The results of a new study on cybersecurity management in the financial sector have been published by Cetif Research, the Research Center ofUniversità Cattolica del Sacro Cuore in Milan, in collaboration with Spike Reply, a Reply Group company. The survey, submitted to leading national financial institutions, thanks to the discussion had between the participants of the annual research path of Cetif and Spike Reply, allowed a highly representative analysis of the sector, highlighting the investments in cybersecurity that the structures are making, both at the organizational and technological level, also to comply with the indications of the Digital Operational Resilience Act
(Dora).
The results show that, at the organizational level, there are three areas within financial institutions that play a key role in cybersecurity: the Chief Information Security Officer (Ciso), which appears to be the main decision maker in cybersecurity management and planning, implementation, monitoring and control activities, overseeing specialized consulting, research and development, internal communication and training; the Strategy & Governance area, which is increasingly involved in the exercise and implementation of security measures; and the Risk area, with a more prominent role particularly in the banking sector.
Social engineering, phishing, smishing and vishing are confirmed to be the main modes of attack toward customers, while institutions face an increase in phishing, malware and ransomware campaigns . On the other hand, considering the economic impacts toward institutions, the only attacks from which a medium impact seems to result are phishing campaigns.
To mitigate these risks, in addition to organizational strengthening, the adoption of an integrated Security by Design model and the necessary increase in employee training hours, financial institutions are investing in advanced technologies such as multi-factor authentication and biometrics, prevention measures (antivirus, antispyware, firewall, Xdr), access control (Identity & Access Management, Zero Trust Network Access), network technologies (Vpn, Swg, Siem) and Artificial Intelligence-based solutions.