27 May BCBS – Basel issued executive summary on Cyber Resilience Practices in the financial sector
May 27, 2021
The summary emphasizes that the sector is significantly exposed to cyber threats because it is information technology-intensive and highly interconnected through payment systems. It is important for financial firms to strengthen cyber resilience, described by the FSB as the ability of an organization to continue to carry out its mission by anticipating and adapting to cyber threats and other relevant changes in the environment, and by withstanding, containing, and rapidly recovering from cyber incidents. Banks are typically more exposed because they have the most public-facing products and services. Their systems have multiple points of contact with outside parties, which makes them vulnerable to cyberattacks, as these interfaces can be used as entry points for attacks targeting other parts of the system.
Regulatory and supervisory frameworks have been created to enhance banks' cyber resilience. Cyber-Resilience: Range of Practices, issued in 2018, describes and compares regulatory approaches and supervisory practices across BCBS member jurisdictions. Regulation and supervision mainly focus on banks' specific cybersecurity strategies.
Cyber incident response and recovery may include cyber-specific business continuity and disaster recovery requirements (refers to FSB Effective Practices issued in 2020). Third-party dependencies, information-sharing arrangements, and resilience metrics are also covered.
For more information, visit www.bis.org.