單位介紹(About Us)
金融監督管理委員會配合行政院政策,於106年12月成立金融資安資訊分享與分析中心(Financial Information Sharing and Analysis Center,F-ISAC),提供金融資安情資預警及聯防機制,以提升金融產業整體資安治理能力,強化金融資安聯防體系,穩定金融市場秩序。
F-ISAC成立迄今,參與會員包含銀行、證券及保險等金融業者,主要服務如下:
(一) 事前預警防護:關聯分析國內外資安情資,研析相關弱點威脅、攻擊手法、影響範圍與因應措施,供會員提前掌握資安威脅,提升資安事件之掌握度以即時反應,降低事件風險。
(二) 事中監控應變:蒐集綜整各金融機構回傳之事件資訊,交叉分析其遭受的資安威脅,產製事件共通之攻擊資訊及入侵攻擊指標資訊(Indicator of Compromise, IoC)提供給各會員SOC進行聯防偵測與防護。
(三) 事後災變回復:分析我國金融機構事件威脅,主動通報可能受影響之金融機構,並協助對資安威脅之緊急應變,必要時偕同資安專業廠商組成金融緊急應變小組,協助會員資安事件應處。
(四) 攻防演練與人才培訓:模擬金融機構環境,舉辦DDoS攻擊或紅藍軍對抗等演練,並與專業訓練機構合辦資安技術認證課程,經由相關活動培訓金融資安人才,增進金融機構資安防禦與實戰能量。
(五) 國際交流合作:F-ISAC自108年3月起成為美國FS-ISAC會員,於111年1月起成為美國FIRST會員,於112年8月起成為亞太區電腦緊急事件回應小組APCERT會員,並與多國金融資安單位簽訂MoU及建立合作管道,此外亦積極參與國際資安組織活動或會議,擴大國外資安情資交流與合作。F-ISAC汲取國際經驗並與F-ISAC會員分享,促進我國金融業與國際接軌,提升我國金融資安能見度。
In response to executive yuan's policy, Financial Supervisory Commission has created Financial Information Sharing and Analysis Center (F-ISAC) on 22nd December 2017.
F-ISAC provides financial institutions with intelligence and mutual defense mechanism, and by doing so creates a financial sector information security mutual defense system as well as maintaining the financial stability of our country.
To date, financial institutions including banks, securities and futures firms, securities investment trust and consulting companies, and insurance companies, have joined F-ISAC. F-ISAC provides following services to members:
1. Incident Prevention: F-ISAC analyzes vulnerabilities, TTPs (tactics, techniques and procedures), impact and countermeasures of cyber security incidents from local and global intelligence. By sharing the information above with financial institutions, they can understand latest threats and incidents, thus, proper measures can be taken to reduce threats of cyber security incident.
2. Incident Response: F-ISAC gathers and analyzes cyber security incidents of financial institutions, and produces alerts or reports containing TTPs (tactics, techniques and procedures) and IoCs (indicator of compromise), hence the financial institutions can prevent and detect threats.
3. Incident Recovery: F-ISAC analyzes threat and incident targeting financial sector, and alerts the members who are possibly affected by the threat. Furthermore, F-ISAC assists members with issues such as consultation and coordination of professionals for the response and investigation of information security incidents.
4. Cyber Offence/Defense Exercise and Training: F-ISAC organizes Distributed Denial-of-Service (DDoS) exercise, Red Team/Blue Team exercise, and cooperates with professional training center to offer technical certificate courses for our members. By building cyber security capacities, the financial institutions will be able to defense and response against cyber security threats.
5. International collaboration: F-ISAC joined U.S. FS-ISAC(Financial Services Information Sharing and Analysis Center) in March 2019, joined U.S. FIRST(Forum of Incident Response and Security Teams) in January 2022, and joined APCERT(Asia Pacific Computer Emergency Response Team) in August 2023. Furthermore, F-ISAC have signed MoUs and established relationships with cyber security organizations from all around the world. By attending conferences and meetings held by international organization, F-ISAC can learn from others’ experiences and share the experiences with our members afterwards. Therefore, not only can the financial institutions know latest global trends, we also increase the international visibility of our cyber security capabilities.