Abstract
Critical infrastructure and services in financial industry are important for our society and the financial industry starts to understand the topic beyond the normal and well maintained Business Continuity Management and Disaster Recovery Plans (BCM & DRP). Today, the international backbone financial infrastructures operate pretty well, but in the infrastructure towards clients, two issues are utmost critical for the banks: Drive By Download and Phishing; both are related to steeling identity and money via e-banking. This is one of the results achieved by the EU project Parsifal (Protection and Trust in Financial Infrastructure (Parsifal-Team, 2010), for compositing a research agenda for the cyber security of the financial industry.
Keywords: Critical Information Infrastructure Protection, Financial Industry, Resilience and Robustness, CIP, CIIP
Contributor Information
Javier Lopez, Email: jlm@lcc.uma.es.
Roberto Setola, Email: r.setola@unicampus.it.
Stephen D. Wolthusen, Email: stephen.wolthusen@rhul.ac.uk
Bernhard Hämmerli, Email: Bernhard.Hammerli@hig.no.
References
- Comifin-Team. Communication Middleware for Monitoring Financial Critical Infrastructure (2008) Von, www.comifin.eu/abgerufen
- Detecon Consulting. Study - The Value of Information Security to European Banking Institutions. Zürich, Detecon (2001)
- Dick K., Nanto, C. S.: The Global Financial Crisis: Analysis and Policy Implications. Abgerufen am 26. 4 2011 (October 2, 2009) von, http://www.fas.org/sgp/crs/misc/RL34742.pdf
- Financial-Services-Club (October 2009) Von, http://thefinanser.co.uk/fsclub/2009/10/cloud-computing-needs-better-definition-to-succeed.htmlabgerufen
- FIX-Group. (kein Datum). Abgerufen am 2011. 7 31 von Request for Participation: FIX-FpML Collaboration Working Group, www.fixprotocol.org/discuss/read/5341e8a6
- FIX-Group, F. S. (kein Datum). FIX Protocol. Abgerufen am 2011. 7 31 von www.fixprotocol.org/what-is-fix.shtml
- Flatraaker, D.-I.: Sepa Standards – Sepa goes mobile. EPC Newsletter (January 2009)
- Gresser, J. Y.: Draft Ontology Of Financial Risks & Dependencies. Abgerufen am 26. 4 2011 von parsifal-project.eu (2009), http://www.parsifal-project.eu/images/PublicDeliverables/PARSIFAL%20D2.1%20Draft%20Ontology%20of%20Financial%20Risks%20Dependencies%20Within%20and%20outside%20the%20Financial%20Sector%20V3.0%20(Glossary).pdf
- Gresser, J. Y.: Ontology of Financial Risks & Dependencies: Vol 2 Glossary.Abgerufen am 26. 4 2011 von parsifal-project.eu (2009), http://www.parsifal-project.eu/images/PublicDeliverables/parsifal%20d2.1%20draft%20ontology%20of%20financial%20risks%20and%20dependencies%20within%20and%20outside%20the%20financial%20sector.pdf
- IdenTrust. (kein Datum). IdenTrust. Abgerufen am 31. 7 2011 von www.identrust.com/pdf/IdenTrust_Privacy_WhitePaper.pdf
- MEALNI. (31. 12 2010-2). Semi-annual report 2010/2. Abgerufen am 27. 04 2011 von, http://www.melani.admin.ch/dokumentation/00123/00124/01122/index.html?lang=en
- MELANI. (30. 6 2010-1). Semi-annual report 1/2010. Abgerufen am 27. 4 2011 von, http://www.melani.admin.ch/dokumentation/00123/00124/01119/index.html?lang=en
- Neumann, P. G. (kein Datum). ACM Digital Library. Abgerufen am 31. 7 2011 von, http://portal.acm.org/citation.cfm?id=505778&dl=ACM&coll=DL&CFID=37083720&CFTOKEN=98694083
- Parsifal-Team. Protection and Trust in Financial Infrastructures. Abgerufen am 2011. 7 31 von (2010), www.parsifal-project.eu
- Peppol-Team. (kein Datum). eProcurement without Bbroders in Europe. Abgerufen am 2011. 7 31 von www.peppol.eu
- SLTTGCC. Critical Infrastructure Data Taxonomy: Common Terminology for Describing Critical Infrastructure. Abgerufen am 26. 4 2011 von US Departement of Homeland Security (2005), http://www.dhs.gov/files/publications/gc_1226595934574.shtm
- Susan Morrow, G. J.-Y.: D3.4 Mapping of Research Challenges to CFI Scenarios.Abgerufen am 29. 4 2011 (October 13, 2009) von, http://www.parsifal-project.eu/index.php?option=com_content&view=article&id=73&Itemid=59
- Westbrook, N. M.: Bloomber Business Week. Abgerufen am 31. 7 2011 (2010) von, www.businessweek.com/news/2010-10-01/waddell-reed-trades-said-to-help-spur-may-6-crash.html
- Wikipedia on Bank for International Settlements. (kein Datum). Abgerufen am 26. 4 2011 von, http://en.wikipedia.org/wiki/Bank_for_International_Settlements
- Wikipedia on Basel II. (kein Datum). Abgerufen am 4 2011 von, http://en.wikipedia.org/wiki/Basel_II
- Wikipedia, S. r. Settlement risk. Abgerufen am 6. 5 2011 (August 26, 2010) von, http://en.wikipedia.org/wiki/Herstatt_Risk
- Wilcox, H.: Banking on the mobile - Mobile Banking, Strategies, Applications & Markets 2008-2013. Juniper Research White Paper, Basingstoke (January 2009)
- European Payment Council: Towards our single payment area (February 25, 2009), http://www.europeanpaymentscouncil.eu/index.cfm
- COSO - Enterprise Risk Management - Integrated Framework , Executive Summary (September 2004), http://www.coso.org/Publications/ERM/COSO_ERM_ExecutiveSummary.pdf
- Research and Development Committee, Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC), Research Agenda for the Banking and Finance Sector (September 2008)
- International Telecommunication Union, Information Society Statistical Profiles, 2009 – Africa, http://www.itu.int/dms_pub/itu-d/opb/ind/D-IND-RPM.AF-2009-PDF-E.pdf
- Committee on Payment and Settlement Systems (CPSS - Bank of International Settlement), The interdependencies of payment and settlement systems (June 2008)
- European Central Bank (ECB), Public consultation on glossary of terms related to payment, clearing and settlement systems (September 30, 2008)
- Federal Office for Information Security, BSI – Standard- 100-4, Business Continuity Management, version 1.0 (2009), http://www.bsi.bund.de/grundschutz
- British standard Institute, Information technology — Security techniques — Information security management systems — Code of practice for information security management, BS ISO/IEC 27001:2005, BS 7799-1:2005 (July 2007)