Enhancing cyber resilience is a key element of the FSB’s work programme to promote financial stability. Cyber incidents pose a threat to the stability of the global financial system. A significant cyber incident, if not properly contained, could seriously disrupt the financial system, including critical financial infrastructure, leading to broader financial stability implications. The FSB has undertaken a series of actions to address cyber risks:
Cyber incident reporting
Cyber incidents remain a threat to the financial system and are rapidly growing in frequency and sophistication. Recognising that information on cyber incidents is crucial for effective incident response and recovery and for promoting financial stability, the FSB explored ways to promote greater convergence in cyber incident reporting. In October 2021, the FSB published a report that set out three ways to achieve greater convergence in cyber incident reporting.
In response to a G20 call, the FSB has conducted work to promote greater convergence in cyber incident reporting in three ways:
setting out recommendations to address the issues identified as impediments to achieving greater harmonisation in incident reporting;
enhancing the Cyber Lexicon to include additional terms related to cyber incident reporting as a ‘common language’ is necessary for increased convergence; and
identifying common types of information that are submitted by financial institutions to authorities for cyber incident reporting purposes, which culminated in a concept for a common format for incident reporting exchange (FIRE) to collect incident information from financial institutions and use between themselves. FIRE would be flexible to allow a range of adoption choices and include the most relevant data elements for financial authorities.
Effective practices for cyber incident response and recovery
Efficient and effective response to and recovery from a cyber incident is essential to limiting any related financial stability risks. Such risks could arise, for example, from interconnected information technology systems between multiple financial institutions or between financial institutions and third-party service providers.
In October 2020 the FSB published a toolkit to promote effective practices for financial institutions’ cyber incident response and recovery. The toolkit is structured across seven components, and includes 49 effective practices. The FSB encourages authorities and organisations to use the toolkit to enhance their response and recovery activities.
In 2018 the FSB published a Cyber Lexicon to support the work of the FSB, standard-setting bodies, authorities and private sector participants, e.g. financial institutions and international standards organisations, to address financial sector cyber resilience. The Lexicon was updated in 2023 to remain current with the evolving cyber landscape and development of information technology.
In 2017 the FSB published a stocktake on cyber security regulations, guidance and supervisory practices of its member jurisdictions. This work identified, among other things, a need to enhance communication between authorities and the private sector. The stocktake identified further areas for collaboration amongst FSB members.