In the financial sector, cybersecurity—understood as defensive technologies—is evolving into cyber resilience: a systemic and proactive ability to prevent, absorb, and respond to attacks. The traditional approach, centered on perimeter protection and reactive tools, is giving way to integrated models that require end-to-end operational continuity, cross-functional collaboration, and enhanced capabilities.
In this context, even traditional concepts such as disaster recovery and business continuity lose their distinct identity. There are no longer isolated functions dedicated exclusively to crisis management: resilience becomes a shared responsibility, integrated into core processes and strategic decisions. Incident management is thus carried out as part of the organization’s normal operations, with a proactive and systemic approach.
An evolving landscape: more sophisticated threats, a more structured response
The shift toward cyber resilience is driven by an increasingly complex operational environment. Pervasive digitalization, interconnected ecosystems, and geopolitical tensions are leading to a significant increase in the frequency and sophistication of cyberattacks.
Data from the Cybersecurity HUB clearly highlights this trend. Forty-three percent of the market reported an increase in phishing campaigns, confirming the constant pressure on organizations and the central role of the human factor. At the same time, malware remains a structural threat: 50% of organizations detect attacks multiple times a day, a sign of an evolving capability that makes these tools particularly difficult to contain.
Furthermore, ransomware—which has seen a sharp increase, accounting for 25% of the market—continues to dominate, as it allows attackers to directly profit through ransom payments by exploiting their ability to disrupt operations, encrypt critical data, and lock down essential systems. At the same time, 83% of the market reports having successfully repelled Denial of Service attacks, indicating a tangible strengthening of defensive capabilities.
The picture is clear: the severity of the threat is increasing, but so is the maturity of organizations. The real distinguishing factor, therefore, lies in the ability to combine prevention, effective response, and continuous adaptation to evolving scenarios.
From Control to Resilience: Integration and Governance
The shift from cybersecurity to cyber resilience is also clearly reflected in governance models. Whereas security was previously managed as a specialized function, today it is viewed as a cross-functional capability, integrated into decision-making processes and risk management frameworks. This change is also being accelerated by the regulatory environment. The entry into force of DORA and evolving regulations are imposing stricter standards in terms of operational resilience, ICT risk management, and supply chain control.
A key indicator of this trend is the growing integration between cybersecurity and business. According to the Cybersecurity HUB, 81% of organizations have formalized collaboration on cyber risk identification and analysis, while participation in testing activities has reached 100%, highlighting an increasingly close alignment between technical and strategic dimensions.
Resilience is therefore built through integrated governance models, in which security, risk, and business operate in a coordinated manner, moving beyond siloed organizational structures.
Technologies and Processes: Toward a Proactive Model
The shift toward cyber resilience is also reflected in technological choices and operational models. Financial institutions are investing in solutions that enable them to anticipate threats and reduce response times.
Artificial Intelligence and Machine Learning are increasingly being used for anomaly detection and fraud detection, while threat intelligence platforms provide a broader, more contextualized view of risk. XDR solutions, Zero Trust models, multi-factor authentication, and behavioral biometrics are becoming integral components of the security posture.
However, the true value lies in the integration of these technologies: architectures that combine continuous monitoring, advanced analytics, and automated response reduce the time between incident identification and mitigation, making the organization more resilient.
In this context, testing is also evolving. From penetration tests to resilience tests, these assessments are becoming strategic tools for measuring an organization’s actual ability to operate under stress.
Supply Chains and Skills: Areas of Tension
Despite the progress made, the transition toward cyber resilience highlights certain structural challenges, particularly in the management of the extended ecosystem.
Threats originating from third and fourth parties are becoming increasingly complex and difficult to detect, often relying on hybrid techniques. Compounding this issue is the limited timeliness of alert sharing: in most cases, reports are issued at intervals of more than six months, in line with the formal terms of the contracts. This frequency is now out of step with the speed of threats, reducing the effectiveness of response actions. Consequently, there is a need to extend resilience beyond organizational boundaries, across the entire ecosystem.
Another key area of focus is expertise. Technical proficiency is generally adequate, but the overall number of resources remains insufficient given the complexity of the environment. The market is concentrating its efforts on more operational and project-oriented functions, such as Security Operations and Security by Design, while accelerating the strengthening of areas such as Fraud, Risk, and Compliance—in part in response to regulatory pressures.
Cybersecurity functions are among the most active in the area of training, making extensive use of e-learning and advanced simulations. However, the challenge remains to establish a widespread and consistent cybersecurity culture capable of supporting increasingly integrated resilience models.
Toward Continuous and Competitive Resilience
The ongoing transformation is leading toward a model of continuous resilience, in which the ability to adapt becomes a central element. Cyber resilience is no longer a goal to be achieved, but a dynamic process that requires constant updating, cross-functional integration, and a long-term strategic vision.
In this scenario, the role of the CISO is becoming increasingly important, evolving from a security manager to a key figure in risk governance and strategic decision-making, while artificial intelligence is playing an ever-greater role not only in defense but also in threat prediction.
Cyber resilience is thus emerging as a key driver of competitiveness in the financial sector. It is no longer enough to simply protect systems and data; ensuring business continuity, reliability, and trust has become essential in an environment marked by high uncertainty.
Data from the Cybersecurity HUB reveal an evolving sector that is increasingly moving toward integrated and proactive models, although challenges remain, particularly along the supply chain and in terms of skills.
The true competitive advantage lies in the ability to transform security into resilience: integrating technologies, processes, and expertise; anticipating threats; and ensuring business continuity even in times of crisis. The challenge is no longer to build a comprehensive defensive barrier, but to develop risk awareness, rapid response capabilities, and continuous adaptation—key factors for sustaining business operations and preserving trust and reputation over the long term.