27 May BCBS – Cyber resilience practices – Executive Summary
May 27, 2021 – Basel issued an executive summary on Cyber Resilience Practices in the financial sector.
The summary emphasizes that the sector is significantly exposed to cyber threats because it is information technology-intensive and highly interconnected through payment systems. It is important for financial firms to strengthen cyber resilience, described by the FSB as the ability of an organization to continue its mission by anticipating and adapting to cyber threats and other relevant changes in the environment, and by withstanding, containing, and rapidly recovering from cyber incidents. Banks are typically more exposed as they have the most public-facing products and services. Their systems have multiple points of contact with outside parties and can be vulnerable to cyberattacks, as these interfaces can be used as entry points for attacks targeting other parts of the system.
Regulatory and supervisory frameworks have been created to enhance banks’ cyber resilience. Cyber-resilience: range of practices, issued in 2018, describes and compares regulatory approaches and supervisory practices across BCBS member jurisdictions. Regulation and supervision mainly focus on banks’ specific cybersecurity strategies and on cyber incident response and recovery, which may include cyber-specific business continuity and disaster recovery requirements (refers to FSB Effective Practices issued in 2020). Also in focus are third-party dependencies, information-sharing arrangements, and resilience metrics.
For more information, visit www.bis.org.