Financial Stability Board Consults on Cyber Incident Responses
04/20/2020The Financial Stability Board has launched a consultation on its proposed guidance on Effective Practices for Cyber Incident Response and Recovery. The consultation seeks input on a toolkit of cyber incident responses compiled by the FSB based on effective actions taken by organizations across the world. The consultation paper opens with a series of specific questions for respondents to consider, before setting out the draft toolkit of responses on which feedback should be given. Responses should be submitted by July 20, 2020.
The FSB’s proposed toolkit contains seven key elements, all of which were exhibited by the organizations it examined:
- Governance – firms have a clear governance structure equipped to deal with cyber incidents, with clearly defined roles and accountability for dealing with cyber incident response and recovery;
- Preparation – firms make effective preparations for cyber incidents, including the establishment of policies based on regulatory and business requirements and the use of disaster recovery sites to back up critical systems and data;
- Analysis – firms effectively analyze the cyber incidents they encounter using taxonomies to classify the nature of the incident and utilize cyber threat intelligence sharing sources to share recommendations on threats and risk mitigation;
- Mitigation – firms mitigate the impact of cyber incidents by using containment measures tailored to the particular threat encountered, invoke business continuity measures while a cyber incident is ongoing, consider isolating the affected systems and remove all infected materials once the attack has been contained;
- Restoration – in the aftermath of a cyber incident, firms prioritize the restoration of affected systems based on business, security and technical requirements and define key milestones to redesign and reinstall systems;
- Improvement – firms take time to improve their response and recovery capabilities based on the lessons learnt from previous cyber incidents and participate in cross-sectoral and cross-border crisis management exercises to prepare for cyber incidents with a systemic impact; and
- Coordination and communication – firms communicate appropriately with stakeholders during a cyber incident and share progress made in response to incident analysis to ensure there are no misunderstandings in the wake of a cyber incident.
View the FSB's consultation on Effective Practices for Cyber Incident Response and Recovery.
Return to main website.