Financial Crime World

Private-Public Engagement Crucial for Cybersecurity in Financial Sector

In today’s digital age, the stability of the financial system and cyber resilience are essential public goods that require collaboration between public authorities and private actors. A new study highlights the importance of “private-public engagement” in ensuring the delivery of these public goods.

The Role of Private Actors in Cybersecurity

The study emphasizes that the private sector plays a vital role in fighting cyber-attacks against the financial sector. Critical infrastructure operators and standard setters are at the forefront of this battle, working closely with government agencies to prevent and respond to threats.

Challenges in Ensuring Public Goods

However, ensuring the delivery of these public goods is not without its challenges. The study notes that the current regulatory landscape for cybersecurity in the financial sector is characterized by a multilevel structure, involving international, European, and national authorities, as well as private actors.

Levels of Public Responsibility

The research highlights three levels of public responsibility:

  • Comprehensive State Responsibility: This approach involves government agencies taking full responsibility for ensuring cyber resilience.
  • Collaborative Approach: This approach involves public authorities working closely with private actors to deliver public goods.
  • Umbrella Responsibility: This approach involves public authorities setting the overall framework and guidelines, while private actors are responsible for implementing these measures.

The study also examines the legal framework for cybersecurity in the financial sector, which is characterized by a mix of mandatory and voluntary provisions. International organizations, such as the Financial Stability Board (FSB), have developed standards and guidelines to help improve cybersecurity in the financial sector.

FSB Survey Findings

According to the FSB’s 2017 survey, all member jurisdictions address banks and financial market infrastructures, while most also address trading venues, insurance companies, broker-dealers, and asset managers. The scope of these schemes differs significantly, with some targeting specific sectors or subsectors.

Key Takeaways

  • Private-public engagement is crucial for ensuring the delivery of public goods such as cybersecurity in the financial sector.
  • The private sector plays a vital role in fighting cyber-attacks against the financial sector.
  • The current regulatory landscape for cybersecurity in the financial sector is characterized by a multilevel structure, involving international, European, and national authorities, as well as private actors.
  • International organizations, such as the FSB, have developed standards and guidelines to help improve cybersecurity in the financial sector.

Recommendations

  • Public authorities should work closely with private actors to develop effective strategies for preventing and responding to cyber threats.
  • Private companies should be encouraged to adopt international standards and guidelines for cybersecurity.
  • Regulatory bodies should ensure that their schemes are Principles-based, rather than Rule-based, to allow for flexibility and adaptability in the face of rapidly evolving cyber threats.

Conclusion

By working together, public authorities and private actors can ensure the stability of the financial system and protect against cyber threats.