FINSEC · Project

All-in-One Cyber and Physical Security Platform Built for Banks and Financial Companies

digitalPilotedTRL 7

Banks, insurance companies, and payment providers have dozens of separate security systems — one for cameras, one for network attacks, one for compliance — and none of them talk to each other. FINSEC brought 28 organizations together to build a single integrated platform that watches both digital threats and physical ones (like ATM tampering or building intrusions) at the same time. Think of it as a control tower for financial security: it spots anomalies, assesses risk across the whole chain, and lets companies share threat intelligence without exposing their own data. They tested it in five real-world scenarios — from protecting SWIFT networks to securing peer-to-peer payments — with over 500 security and finance experts involved.

By the numbers

consortium partners

countries represented

real-world pilot scenarios validated

500+

security and finance experts engaged in pilots

79%

industry partners in consortium

total project deliverables

demo/prototype deliverables

industry partners

The business problem

What needed solving

Financial institutions run dozens of disconnected security systems — firewalls, cameras, access control, fraud detection — each managed separately with no unified view. When a sophisticated attack combines physical and digital vectors (e.g., ATM tampering plus network intrusion), these siloed systems miss the connection. Meanwhile, threats cascade through interconnected financial supply chains, and individual companies can't assess risks they can't see.

The solution

What was built

A complete integrated security platform with working prototypes of: SIEM infrastructure (based on ATOS XL-SIEM), vulnerability scanning and penetration testing tools, CCTV analytics (based on FUJI technology), anomaly detection for financial infrastructure, a risk assessment engine, collaborative security services for cross-organization threat sharing, a security knowledge base for the financial sector, and a market platform for distributing third-party security solutions. All components went through three development iterations.

Audience

Who needs this

Chief Information Security Officers at banks and financial groupsCyber risk underwriters at insurance companiesSecurity operations teams at payment processors and card networksIT security managers at stock exchanges and capital management firmsCISOs at financial SMEs without dedicated security infrastructure

Business applications

Who can put this to work

Banking and Retail Finance

enterprise

Target: Mid-to-large banks managing ATM networks and branch security

If you are a bank dealing with fragmented security systems across your ATM network, branches, and digital channels — this project developed an integrated platform combining SIEM, anomaly detection, and CCTV analytics that monitors both cyber and physical threats from one dashboard. It was tested in a pilot specifically covering ATM network and building security with input from over 500 security and finance experts.

Insurance and Risk Management

enterprise

Target: Insurance companies assessing cyber risk for underwriting

If you are an insurance company struggling to price cyber risk accurately for financial clients — this project developed a Risk Assessment Engine validated in a dedicated insurance pilot scenario. It combines vulnerability scanning, collaborative risk analysis, and a finance-specific security knowledge base, letting you assess cascading threats across interconnected financial supply chains.

Payment Services and Fintech

mid-size

Target: Payment processors and P2P payment platforms

If you are a payment company facing growing threats to your transaction networks — this project developed and piloted protection specifically for peer-to-peer payment networks and SWIFT infrastructure. The platform includes anomaly detection over financial infrastructure and information-sharing tools that let you exchange threat intelligence with peers without exposing sensitive data.

Frequently asked

Quick answers

What would it cost to deploy this platform?

The project did not publish licensing or deployment pricing. Since the toolbox integrates components from multiple commercial partners (including ATOS pentesting and SIEM, and FUJI CCTV analytics), pricing would likely depend on which modules you need and your infrastructure scale. Contact the consortium partners for commercial terms.

Can this scale to a large bank with thousands of endpoints?

The platform was validated across 5 pilot scenarios covering diverse financial operations — from SWIFT networks to ATM infrastructure to P2P payments — engaging over 500 security and finance experts. The architecture was designed as a reference standard for the entire financial services industry, covering banking, capital management, insurance, and card payments.

Who owns the IP and how is it licensed?

The platform integrates background technologies from multiple consortium partners — ATOS contributed SIEM and pentesting tools, FUJI contributed CCTV analytics. IP is distributed across the 28 consortium partners. The project built a market platform (FINSEC Portal) designed to offer these tools to third parties, suggesting commercial licensing was planned.

Does this help with regulatory compliance?

Yes. The project includes configuration and auditing/conformance tools as part of the integrated platform, and the security knowledge base specifically targets compliance for critical financial infrastructure. The reference architecture is standards-based, designed to align with financial sector security regulations.

How long would implementation take?

Based on available project data, the platform went through three development iterations (versions I, II, and III) across 55 deliverables over 3 years. For deployment, the modular toolbox approach means you could start with specific components (e.g., vulnerability scanning or anomaly detection) and expand. Timeline would depend on integration with your existing security stack.

Can this integrate with our existing security tools?

The reference architecture was specifically designed for integration. The FINSEC Portal and Market Platform includes auditing tools for third-party solutions, and the information-sharing infrastructure enables data exchange between organizations. The SIEM component is built on ATOS XL-SIEM, an established commercial product.

Is there ongoing support or a community?

The project aimed to establish an ecosystem of security solutions for the financial sector, supported by the partners' sales, marketing, and standardization channels worldwide. With 22 industry partners across 10 countries, the consortium has broad commercial reach. Check the project website for current status of the ecosystem.

Consortium

Who built it

This is a heavily industry-driven consortium with 22 out of 28 partners (79%) coming from the private sector — one of the highest industry ratios you'll see in EU security projects. The coordinator, GFT Italia, is a major IT services company specializing in financial sector digital transformation. Key technology contributors include ATOS (SIEM and pentesting) and FUJI (CCTV analytics), both global players with established product lines. The consortium spans 10 countries across Europe and Israel, with 6 SMEs bringing specialized capabilities. With only 3 universities and 3 research organizations, this project was clearly engineered for market output rather than academic publishing. The 5 pilot scenarios cover the full spectrum of financial services — banking, capital management, insurance, card and P2P payments — giving the results broad sector credibility.

GFT ITALIA SRLCoordinator · IT
ALPHA BANK ANONYMOS ETAIRIAparticipant · EL
FSAS TECHNOLOGIES GMBHparticipant · DE
CLEAR COMMUNICATION ASSOCIATES LIMITED - CCAparticipant · UK
FUJITSU TECHNOLOGY SOLUTIONSthirdparty · FR
ZANASI ALESSANDRO SRLparticipant · IT
UNICAJA BANCO SAparticipant · ES
JRC CAPITAL MANAGEMENT CONSULTANCY & RESEARCH GMBHparticipant · DE
ASSOCIATION O.R.T.participant · FR
SIA SPAparticipant · IT
ATOS SPAIN SAparticipant · ES
HEWLETT PACKARD ITALIANA SRLparticipant · IT
INNOV-ACTS LIMITEDparticipant · CY
CONSIGLIO NAZIONALE DELLE RICERCHEparticipant · IT
SINGULARLOGIC PLIROFORIAKON SYSTIMATON KAI EFARMOGON PLIROFORIKISparticipant · EL
NORSK REGNESENTRALparticipant · NO
FONDAZIONE BRUNO KESSLERparticipant · IT
UNIVERSITA DEGLI STUDI DI GENOVAthirdparty · IT
ATOS IT SOLUTIONS AND SERVICES IBERIA SLthirdparty · ES
IBM ISRAEL - SCIENCE AND TECHNOLOGY LTDparticipant · IL
UTI GRUP SAparticipant · RO
CONSORZIO INTERUNIVERSITARIO NAZIONALE PER L'INFORMATICAparticipant · IT
HDI Assicurazioni S.p.A.participant · IT

How to reach the team

GFT Italia SRL is a well-known financial IT services company in Italy — their innovation or partnerships team would be the entry point.

Order a report on this consortium See GFT ITALIA SRL profile →

Next steps

Talk to the team behind this work.

Want to explore how FINSEC's integrated security tools could work for your financial institution? We can connect you with the right consortium partner for your specific security challenge — whether it's SIEM, physical security, or risk assessment.

Order a report on this topic More in Digital & ICT