On June 29th The Committee on Payments and Market Infrastructures (CPMOI) and the Board of the International Organisation of Securities Commissions (IOSCO) released a final report on ‘Guidance on cyber resilience for financial market infrastructures’. Both parties promote an enfacement of financial stability and security regulations for the wider financial economy. The Cyber Guidance is the first internationally agreed report on cyber security for the financial services sector. It has been developed in response to a rising number of highly sophisticated cyber-attacks against the financial industry.
The objective of the Cyber Guidance is to add additional cyber protection to the financial market infrastructure surroundings and their Financial Management Information Systems (FMIs). The guidance aims to anticipate and respond hastily and effectively to cyber-attacks and to obtain a safer and faster recovery environment. It also intends to align cyber resilience actions in different countries. This could provide authorities with internationally aligned guidelines to support effective actions and maintain clear oversight of FMIs in case of a cyber attack.
In order to fend malicious cyber attacks, FMIs need to undertake action by implementing recommended security protection as advised by the Cyber Guidance.
Implementing the Cyber Guidance rules not only strengthens the cyber resilience of FMIs but it also reinforces the ecosystem in which the financial services sector functions. FMIs should operate safely and efficiently to be able to cultivate and boost financial growth and balance. If FMIs are not properly regulated, they can be the main driver of financial shocks, such as liquidity dislocations and credit losses. They can even become a potential window for financial shocks to reach the financial market and its infrastructure.
In conclusion, FMIs should implant high cyber risk awareness criteria in their systems. The implementation should systematically contribute to a continuous enrichment of FMIs’ cyber resilience at every possible organisation-networked level.
The original article can be found here.