The Committee on Payments and Market Infrastructures ("CPMI") and IOSCO released a final report that contained the "first internationally agreed guidance on cybersecurity for the financial industry."
Key concepts contained in this guidance include the following:
- cyber governance should be prioritized by board and senior management;
- the ability to resume operations quickly and safely after a successful cyberattack is paramount;
- financial market infrastructures ("FMIs") should make use of rigorous testing and good-quality threat intelligence;
- FMIs should instill a culture of cyber-risk awareness, and should improve and undertake ongoing reevaluations of their cyber resilience at every level of their organizations; and
- because cyber resilience is the collective endeavor of an entire "ecosystem," it cannot be achieved by an FMI alone.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.