Cyber Resilience Using ASFA: DORA-Compliant Threat-Led Penetration Testing


Research field: Strategies



Conference: International Conference on Critical Information Infrastructures Security


Abstract

The financial sector is experiencing an increase in cyber incidents, prompting numerous firms to outsource IT infrastructure management. A primary factor contributing to these breaches is that the impacted systems are socio-technical systems (STSs), which include not only technical components such as software and hardware but also physical elements (e.g., robotics, mobility) and social components (e.g., human actors, business processes, and organizational units). Evaluating STS security breaches requires a holistic approach, considering human, organizational, software, and infrastructural elements. The study involves combining strategic factors, including social and organizational dynamics, with technical components such as software and physical infrastructure. In our previous work, we developed a security attack-monitoring system to tackle these challenges. This framework was developed to monitor, analyze, and model security incidents across the social, cyber, and physical dimensions of cyber-physical systems (CPS). This paper employs the framework to conduct threat-led penetration testing in accordance with the Digital Operational Resilience Act (DORA), thus improving the financial sector’s capacity to address information and communication crises. This study provides important insights into cyberattacks and their impact on the financial sector by examining security breaches reported to the Swedish Civil Contingencies Agency (MSB) by critical service providers. The experiment was performed in collaboration with a prominent Swedish financial institution.


Author Profile
Elias Seid

Department of Computer and Systems Sciences, Stockholm University, Stockholm, Sweden

Andorra
Author Profile
Fredrik Blix

Department of Computer and Systems Sciences, Stockholm University, Stockholm, Sweden

Andorra
Author Profile
Oliver Popov

Department of Computer and Systems Sciences, Stockholm University, Stockholm, Sweden

Andorra

📄 Paper information

Publication year: 2025
Citations: 0
Country of publication: Andorra
Site: Springer
