CIISI-EU aims to protect Europe’s crucial financial systems by facilitating intelligence sharing and encouraging the adoption of higher security standards

The European Central Bank, Frankfurt

Europol, the European Central Bank (ECB), and many of Europe’s most prominent financial organizations are participating in a new initiative designed to bolster existing cybersecurity standards in the industry.

Launched on February 27, the Cyber Information and Intelligence Sharing Initiative (CIISI-EU) will allow financial services organizations including banks, clearing houses, stock exchanges, and payment providers to “share vital cybersecurity threat information to help protect European citizens’ savings against cybercriminals”, according to Europol.

Under the CIISI-EU umbrella, financial organizations will share threat intelligence on current and emerging cybercrime issues. In particular, it’s hoped that the initiative will pave the way for banks and law enforcement to communicate more efficiently when it comes to tackling cybersecurity-related organized crime.

Threat information will be traded through an automated platform and members will receive biannual threat reports of concern to their businesses.

Walking the walk

According to ECB executive board member Fabio Panetta, it is vital that European organizations maintain an “agile and sophisticated” approach to tacking cybercrime in Europe's financial sector.

Security firm RiskIQ estimates that cybercrime now costs $2.9 million per minute worldwide, with the global economy accepting a loss of $1.5 trillion in 2018 alone.

One of the most prominent cases impacting the financial services industry occurred in 2016 when cybercriminals were able to compromise the SWIFT banking system, resulting in the theft of $81 million from Bangladesh’s central bank.

RELATED Inside J-CAT – Europol’s Joint Cybercrime Action Taskforce

By facilitating intelligence sharing among European financial services industry stakeholders, the new CIISI-EU initiative seeks to encourage the adoption of data handling best practices among members organizations.

The European Union Agency for Cybersecurity (ENISA), Nasdaq Clearing, Mastercard Europe, Banque de France, SWIFT, De Nederlandsche Bank, Euroclear, and the London Stock Exchange (LSE) are CIISI-EU members, among others.

“We should not underestimate the significance of taking this step,” Panetta commented at a meeting of the Ruo Cyber Resilience Board for pan-European Financial infrastructures in Frankfurt.

“Never before have the largest pan-European financial infrastructures, in close liaison with Europol and ENISA, come together and agreed to share information and intelligence.” 

“For years, the industry has talked about sharing information and intelligence, but few have actually done it,” he added.

Borderless intelligence sharing

The CIISI-EU initiative builds upon the European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), which is designed to assist organizations in testing their susceptibility to cyberattacks, as well as the Cyber Resilience Oversight Expectations (PDF), the ECB’s cybersecurity guide for the financial services industry.

“In the context of cyber risk, this is a borderless threat and information sharing is critical to counter the threat,” an ECB spokesperson told The Daily Swig.

Europol has partnered with European financial giants to tackle cybercrimeEuropol’s headquarters in The Hague, Netherlands

The UK and LSE’s contribution to a Eurocentric scheme could be problematic due to Brexit and its potential impact on cross-border data sharing.

But a Europol spokesperson told The Daily Swig that since the CIISI-EU initiative focuses on threat assessments “the situation stays more or less the same with regards to the UK during the transition period”.

An adequacy agreement, however, will need to be forged between the UK and EU before the end of the transitional period to ensure data can still be shared.

“At this stage, we do not envisage any issues with the sharing of information and intelligence between the financial infrastructures, as they are largely European based,” the ECB spokesperson said. “Once the terms of the Brexit negotiations are clear, we will assess the matter again.”

The signing of the CIISI-EU agreement follows Mastercard’s announcement last month that it would open a new European cybersecurity center in 2021.

The Belgium-based Cyber Resilience Centre will bring together industry groups and law enforcement for collaboration in the development of cyberattack prevention and mitigation practices.

SECURITY DEEP DIVES The latest government data breaches in 2019/2020