Strengthening Cyber Resilience in the Financial Sector
A recent report by the Carnegie Endowment for International Peace emphasizes the need for a comprehensive strategy to address the threat of cyberattacks in the financial sector. The strategy is based on four key principles:
Principles for Strengthening Cyber Resilience
- Greater Clarity about Roles and Responsibilities: Establish effective domestic relationships among financial authorities, law enforcement, diplomats, other relevant government actors, and industry to ensure a coordinated response to cyber threats.
- International Collaboration: International cooperation is essential given the scale of the threat and the globally interdependent nature of the financial system.
- Reducing Fragmentation: Many initiatives to better protect financial institutions are underway but remain siloed; reducing this fragmentation will free up capacity to tackle the problem.
- Protecting the International Financial System: Protecting the international financial system can serve as a model for other sectors.
Recommended Actions to Strengthen Cyber Resilience
To enhance cyber resilience in the financial sector, the report recommends the following actions:
Developing a Basic Framework for Supervising Cyber Risk Management
- Establish a clear framework for supervising cyber risk management at financial institutions
Strengthening Security through Information Sharing and CERTs
- Strengthen security by sharing information on threats and creating financial computer emergency response teams (CERTs)
Prioritizing Resilience against Data and Algorithm Attacks
- Prioritize increasing the financial sector’s resilience against attacks targeting data and algorithms
Establishing Entities for Threat Assessment and Coordination
- Establish entities to assist in assessing threats and coordinating responses
Building Capacity through Training and Hiring
- Build capacity through training and hiring talented people to strengthen the cybersecurity workforce