Regulators say systems must be up and running two hours after attack

Coen Voormeulen, co-chair of the CPMI-IOSCO working group that published the paper.

 

The Bank for International Settlements’ Committee on Payments and Market Infrastructures (CPMI), together with the International Organization of Securities Commissions (IOSCO), has published a report advising financial market infrastructures (FMIs, a category that includes important payments systems and clearing houses) on how to improve their cyber resilience. The joint working group advises financial infrastructure organisations to plan their defences so that disruption of critical systems can be resolved within two hours.

The stated aim of the report, which is titled ‘Guidance on Cyber Resilience for Financial Market Infrastructures,’ is to advise financial infrastructures on how to enhance their cyber defences in order to “limit the escalating risks that cyber threats pose to financial stability.”

The end goal of cyber resilience implementation is to have systems that are resilient enough to ensure that critical operations can resume within two hours of a major attack, “even in the case of extreme but plausible scenarios.” The report does recognise that different organisations are at different levels of readiness, and that significant redesign of systems might be necessary to reach the two-hour recovery objective. However, the guidance paper says FMIs should be able to achieve that level of readiness within 12 months.

The paper recommends that financial infrastructure organisations undertake extensive testing of their systems to assess their cyber defences. The CPMI-IOSCO working group follows cyber security trends in recognising the growing importance of cyber intelligence, and recommends that all security tests be informed by an awareness of the cyber security landscape. It says: “Strong situational awareness, acquired through an effective cyber threat intelligence process can make a significant difference in the FMI’s ability to preempt cyber events or respond rapidly and effectively to them.”

Financial infrastructures should not limit themselves to gathering information internally, adds the paper. In order to improve situational awareness, the guidance paper advises FMIs to take part in information sharing groups, such as the US-based Financial Services Information Sharing and Analysis Center, to assess and discuss potential threats.