Elnur Eyvazli: FIRST membership will make financial sector better prepared for cyber threats - INTERVIEW

The Sectoral Computer Incident Response Center for the Financial Sector, or FinCERT, established by the Central Bank of Azerbaijan (CBA) to coordinate cybersecurity incidents in the financial sector, has been admitted as a member of the internationally recognized Forum of Incident Response and Security Teams (FIRST) after successfully meeting the membership requirements.

The CBA expects this membership to contribute to the development of the cybersecurity ecosystem in the financial sector, strengthen early warning and coordination capabilities across the sector, and increase the cyber resilience of financial market participants.

Elnur Eyvazli, director of the CBA's Department of Information Security, Cybersecurity and Digital Fraud Prevention, answered Report's questions on the issue.

- What requirements did FinCERT have to meet to become a FIRST member?

- Prompt information exchange and reliable partnerships are essential for an effective response to cybersecurity incidents in the financial sector. FIRST is an international platform that brings together specialized teams responding to cyber incidents in different countries.

FIRST membership requires passing an assessment process based on internationally defined criteria. During this process, FinCERT's activities, mandate, service area, communication mechanisms, approach to incidents and ability to cooperate with other teams were evaluated.

For this purpose, FinCERT presented its operating model, role in the financial sector, target audience, processes for receiving and coordinating incidents, as well as secure communication capabilities. At the same time, in line with the RFC 2350 format accepted in international practice, the team's contact details, mission, area of responsibility and services were documented.

Support from FIRST member teams was also required as part of the membership process. This support was an important stage in terms of recognizing FinCERT's activities, area of responsibility and readiness for international cooperation. In addition, the team's maturity level, internal processes and cooperation capabilities were reviewed.

In simple terms, FinCERT demonstrated during this process that it has the necessary foundations for coordinating cybersecurity incidents in the financial sector, exchanging information on cyber threats and incidents, and building reliable cooperation with international partners.

- How do you assess the current level of cyber resilience in Azerbaijan's financial sector? What are the main challenges in this area?

- Serious progress has been observed in Azerbaijan's financial sector in terms of cyber resilience in recent years. Banks and other financial institutions are taking a more systematic approach to cybersecurity and are strengthening their capabilities in monitoring, incident management, information exchange and risk assessment.

At the same time, cyber threats are becoming more complex and dynamic. The financial sector has always been one of the priority targets for cybercriminals. The main reason is the sector's special importance in terms of money flows, customer data and the continuity of digital services.

One of the main challenges is the rapid evolution of cyberattack methods, tools and scenarios. Phishing, social engineering, malware, DDoS attacks, data leak attempts and third-party risks remain relevant for financial institutions.

Another important issue is unified coordination and prompt information exchange across the sector. A cyber threat observed against one organization may quickly become a risk for other financial institutions as well. Therefore, early warning, sharing of threat information and coordinated action during incidents are of particular importance.

In this regard, FinCERT's role is precisely to strengthen the sector's overall cyber resilience, increase coordination among financial market participants and form more flexible response mechanisms against threats.

- What opportunities will FIRST membership create for FinCERT's activities?

- FIRST membership gives FinCERT broader and more reliable access to the international cybersecurity community. This primarily means expanded opportunities for direct cooperation, exchange of experience and operational communication with specialized teams represented within FIRST and responding to cyber incidents in different countries.

Cyber incidents are often not limited by national borders. Attack sources, malicious infrastructure, phishing campaigns and malware may be located in different countries. In such cases, reliable international contacts are important for faster investigation of incidents and exchange of necessary information.

FIRST membership will allow FinCERT to monitor information on global cyber threats more promptly, benefit from advanced practices and take part in an internationally recognized cooperation network.

This membership is also important in terms of the international recognition of FinCERT's institutional maturity. In other words, FinCERT' role is no longer limited only to local sectoral coordination. FinCERT also acts as a reliable partner in the international cybersecurity ecosystem.

- What opportunities does FIRST membership promise for Azerbaijan's financial markets?

- FIRST membership is a useful step not only for FinCERT, but for Azerbaijan's financial markets as a whole. The expansion of FinCERT's international cooperation opportunities will ultimately help better protect the financial sector from cyber threats.

This membership will enable financial market participants to receive more prompt warnings, up-to-date cyber threat information and preventive recommendations. For example, if information about an internationally widespread phishing campaign, malware or an attack trend targeting the financial sector is obtained earlier, local financial institutions can also strengthen their defensive measures more quickly.

The main benefit for citizens and businesses is safer and more resilient financial services. Digital banking, payment systems and other financial services have become an integral part of everyday life. The security of these services is important for both financial institutions and users.

FIRST membership also ensures closer integration of Azerbaijan's financial sector into the international cybersecurity environment. This supports increased trust in the country's financial markets, stronger preparedness for incidents and the development of cyber resilience across the sector.

In simple terms, this membership means faster information, stronger cooperation and a financial sector that is better prepared for cyber threats.