Protecting European citizens and financial institutions from cybercriminals
SWIFT, as part of the Euro Cyber Resilience Board for pan-European Financial Infrastructures (ECRB) information sharing working group, established by the European Central Bank, was instrumental in the launch of an initiative to share vital cybersecurity threat information across major European infrastructures. It aims to help protect European citizens and financial instutions from cybercriminals.
The threat posed by cyber-attacks to the financial sector has never been greater. Attackers are well-resourced, constantly evolving their modus operandi and racing to make use of new technologies such artificial intelligence and machine learning.
Cybercriminals have always been good at sharing their modus operandi, tactics and intelligence with each other and we could learn to mirror this behaviour across our ecosystem.
Currently, across the financial industry, many institutions are at different levels of maturity in terms of usage of intelligence, they are fragmented in terms of the services, technology and products they use and typically they do not systematically share intelligence between themselves.
In response, the Euro Cyber Resilience Board for pan-European Financial Infrastructures set up a working group for information sharing. The core objectives of the programme, known as the Cyber Information and Intelligence Sharing Initiative (CIISI-EU) are:
1. To prevent, detect, respond and raise awareness of cybersecurity threats to ECRB members
2. To enable relevant and actionable intelligence sharing between ECRB members, law enforcement and be potentially extendable to wider ecosystem
3. To encourage active contribution and active participation within a ‘trusted circle’, rather than passive consumption or weak usage
4. To synthesise and actively propagate the sharing of strategic intelligence in addition to operational tactics, techniques and procedures and tactical indicattors of compromise
5. To continuously learn and evolve, as a collective, with regard to the process of analysing, developing and sharing cybersecurity intelligence
The ECRB consists of Europe’s largest and most important EU market infrastructures including central banks, clearing houses, stock exchanges, payment system providers and law enforcement agencies, among others.
Brett Lancaster, Head of the Customer Security Programme at SWIFT and Chair of the ECRB intelligence sharing working group, commented: “Cybercriminals have always been good at sharing their modus operandi, tactics and intelligence with each other and we could learn to mirror this behaviour across our ecosystem."
“Research shows that the exchange of relevant and timely cyber threat intelligence has proved critical in effectively detecting and preventing attacks. This is why we set out to create a framework which we will implement that simplifies the process of intelligence sharing by re-using proven components, adding value through disseminating strategic information and allowing each member to implement it at their own pace. This, we hope, will make it easier for those involved to protect consumers as well as the financial industry from cybercriminals.”
“This is the first time that major financial infrastructures, Europol and the European Union Agency for Cybersecurity (ENISA) have jointly taken steps against cyber risk,” said ECB Executive Board member and ECRB Chair, Fabio Panetta. “We hope this will be an inspiring model for other jurisdictions to tackle one of the biggest threats of our time. Cybercriminals are increasingly stealing money, and therefore sharing information will help us to prevent attacks and ultimately protect people’s money.”
In the coming months, the ECB will publish the framework for the CIISI-EU sharing initiative to encourage other jurisdictions to follow suit.