Cyber Resilience

Enhancing cyber resilience is a key element of the FSB’s work programme to promote financial stability. Cyber incidents pose a threat to the stability of the global financial system. A significant cyber incident, if not properly contained, could seriously disrupt the financial system, including critical financial infrastructure, leading to broader financial stability implications. The FSB has undertaken a series of actions to address cyber risks:

Cyber incident reporting

Cyber incidents remain a threat to the financial system and are rapidly growing in frequency and sophistication. Recognising that information on cyber incidents is crucial for effective incident response and recovery and for promoting financial stability, the FSB explored ways to promote greater convergence in cyber incident reporting. In October 2021, the FSB published a report that set out three ways to achieve greater convergence in cyber incident reporting.

In response to a G20 call, the FSB has conducted work to promote greater convergence in cyber incident reporting in three ways:

  1. setting out recommendations to address the issues identified as impediments to achieving greater harmonisation in incident reporting;
  2. enhancing the Cyber Lexicon to include additional terms related to cyber incident reporting as a ‘common language’ is necessary for increased convergence; and
  3. identifying common types of information that are submitted by financial institutions to authorities for cyber incident reporting purposes, which culminated in a concept for a common format for incident reporting exchange (FIRE) to collect incident information from financial institutions and use between themselves. FIRE would be flexible to allow a range of adoption choices and include the most relevant data elements for financial authorities.

Effective practices for cyber incident response and recovery

Efficient and effective response to and recovery from a cyber incident is essential to limiting any related financial stability risks. Such risks could arise, for example, from interconnected information technology systems between multiple financial institutions or between financial institutions and third-party service providers.

In October 2020 the FSB published a toolkit to promote effective practices for financial institutions’ cyber incident response and recovery. The toolkit is structured across seven components, and includes 49 effective practices. The FSB encourages authorities and organisations to use the toolkit to enhance their response and recovery activities.

Cyber Lexicon

 In 2018 the FSB published a Cyber Lexicon to support the work of the FSB, standard-setting bodies, authorities and private sector participants, e.g. financial institutions and international standards organisations, to address financial sector cyber resilience. The Lexicon was updated in 2023 to remain current with the evolving cyber landscape and development of information technology.

Cyber stocktake

In 2017 the FSB published a stocktake on cyber security regulations, guidance and supervisory practices of its member jurisdictions. This work identified, among other things, a need to enhance communication between authorities and the private sector. The stocktake identified further areas for collaboration amongst FSB members.


Key Documents

Recommendations to Achieve Greater Convergence in Cyber Incident Reporting: Final Report

Report sets out recommendations that aim to promote convergence among cyber incident reporting frameworks and encourage better practices.

Format for Incident Reporting Exchange (FIRE): A possible way forward

Report sets out a concept for developing a common format for incident reporting exchange (FIRE) to collect incident information from financial institutions and that authorities could use for information sharing.

Cyber Lexicon: Updated in 2023

Update of the FSB’s 2018 Cyber Lexicon to ensure it remains current with the evolving cyber landscape and development of information technology.

Cyber Lexicon

The lexicon comprises a set of approximately 50 core terms related to cyber security and cyber resilience in the financial sector.

Achieving Greater Convergence in Cyber Incident Reporting – Consultative document

This consultative document sets out recommendations to address impediments to achieving convergence, advances work on establishing common terminologies related to cyber incidents and proposes the development of a common format for incident reporting exchange.