CPMI-IOSCO release guidance on cyber resilience for financial market infrastructures
The Committee on Payments and Market Infrastructures (CPMI) and the Board of the IOSCO published the final report on Guidance on cyber resilience for financial market infrastructures (“Cyber Guidance”). This Cyber Guidance is the first internationally agreed guidance on cyber security for the financial industry. Over the years, cyber-attacks have become a recurrent feature in the financial sector, and the industry needs to be proactive so that it can respond to them rapidly and effectively. The objective of the Cyber Guidance is to give an additional push to the industry’s ongoing efforts, among other things, to enhance financial market infrastructures (FMIs) so that they achieve faster and safer target recovery results when attacks occur.
Key concepts built into the Cyber Guidance include the following:
- Sound cyber governance is key. Board and senior management attention is critical to a successful cyber resilience strategy.
- The ability to resume operations quickly and safely after a successful cyber-attack is paramount.
- FMIs should make use of good-quality threat intelligence and rigorous testing.
- FMIs should aim to instil a culture of cyber risk awareness and demonstrate ongoing re-evaluation and improvement of their cyber resilience at every level within the organisation.
- Cyber resilience cannot be achieved by an FMI alone; it is a collective endeavour of the whole “ecosystem”.
To learn more, see the IOSCO website.