Cybersecurity: the contribution of the Bank of Italy and IVASSThis report has been edited by the Gruppo di coordinamento sulla sicurezza cibernetica (GCSC)

Cyber attacks are a growing threat to an economy that is increasingly based on digital technologies. Cyber risk is relevant to numerous production and consumption activities and, by its very nature, it crosses national and sectoral borders.

Thus, a global and systemic approach is called for. In an interconnected world, no digital device - however well protected - can be considered as totally secure if the surrounding environment is still vulnerable. Cooperation between public authorities and the private sector is of central importance and society as a whole - not only the experts - must be made aware of the risks involved.

Principles, best practices, rules and technological standards are being set to strengthen the prevention, defence and reaction capabilities of countries, organizations and businesses. These initiatives are flanked by national cybersecurity strategies. Italy is also moving in this direction.

The Bank of Italy and IVASS are in the front line of the battle against this threat as they are the institutions responsible for keeping the Italian financial system secure, especially given that it is a prime target for hostile actors, be they motivated simply by profit or by a desire to trigger a crisis of confidence. Repelling attacks is essential to safeguarding savings and ensuring that the economy runs smoothly.

The Bank of Italy and IVASS have established the Cybersecurity Coordination Group (GCSC), which brings together a set of specialists with expertise in: ICT, the supervision of banks, financial intermediaries and insurers, payment system oversight and economic research. The aim is to develop strategic thinking on cyber risk and to ensure a line of action that can be used for all these different functions.

This report provides an overview of what has been accomplished to protect the financial sector from cyber attacks.

Full text