Cyber-attacks against financial institutions are on the rise: Those directed against strategic infrastructures and platforms of a central bank, could have momentous repercussions on the vital ganglia of the financial system as a whole. The present work defines the development of a cyber threat intelligence (CTI) apparatus in a central bank. Such a system aims at promoting a preventive posture against constantly evolving threats such as cybercrime, cyber espionage, hacktivism, cyberterrorism and state-sponsored APTs.
This paper puts forward definitions and taxonomy, while devising analysis tools on a three-level scale CTI (technical/operational, tactical e strategic). Furthermore, it identifies organizational and systemic implications arising from the development of a CTI programme, by proposing a set of measures to mitigate possible adverse effects and boost systemic prevention and resilient reaction.