The numerous recent cybersecurity incidents in the financial sector prompt for the emerging need to elevate the security of the physical and cyber assets available for financial institutions. To this end, the FINSEC project aims at designing and building a reference architecture (i.e., the FINSEC Architecture) that offers inte- grated security services designed for financial institutions. This Chapter describes the Security Knowledge Base and the approach of the FINSEC project for sharing the knowledge of Cyber-Physical Threat Intelligence of financial infrastructures, based on a novel modeling language called FINSTIX. FINSTIX enables the description and storage of cyber-physical security inci- dents and simplifies their exchange and processing among the different reasoning modules composing the FINSEC Architecture.
FINSTIX: A Security Data Model for the Financial Sector
Enrico Cambiaso;Ivan Vaccari;
2020
Abstract
The numerous recent cybersecurity incidents in the financial sector prompt for the emerging need to elevate the security of the physical and cyber assets available for financial institutions. To this end, the FINSEC project aims at designing and building a reference architecture (i.e., the FINSEC Architecture) that offers inte- grated security services designed for financial institutions. This Chapter describes the Security Knowledge Base and the approach of the FINSEC project for sharing the knowledge of Cyber-Physical Threat Intelligence of financial infrastructures, based on a novel modeling language called FINSTIX. FINSTIX enables the description and storage of cyber-physical security inci- dents and simplifies their exchange and processing among the different reasoning modules composing the FINSEC Architecture.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
