Reference Architecture for Integrated Cyber-Physical Threat Intelligence in the Financial Sector
The FINSEC Reference Architecture (RA) illustrates the main components of a data-driven cyber-physical threat intelligence system, as well as the interfaces and information flows between them. It serves as a blueprint for the development of integrated (cyber/physical) security systems for the critical infrastructures of the financial sector. It is presented in different views, including logical, process, implementation and deployment viewpoints that address the needs of all security stakeholders in the financial sector. The development of the FINSEC RA was driven by the current security needs of financial institutions including the need for integrated cyber and physical security, the need for collaboration across the stakeholders of the financial services chain, the need for regulatory compliance (e.g., PSD2 and GDPR compliance) and the need for increased automation in developing security solutions as part of the DevSecOps approach.
The FINSEC RA serves as a guide for the development of novel, data-driven cyber-physical threat intelligence applications for securing the infrastructures of the finance sector. It is driven by pragmatic needs of stakeholders in the financial sector and aligns to finding and reporting from security standards development organizations like ENISA.