The Bank for International Settlements (BIS), has today released a new report titled 'Guidance on Cyber Resilience for Financial Market Infrastructures,' amid growing concerns of cyber-related hacks, and the ongoing need for improved security measures to be taken to protect market integrity and underlying participants.
The report was published by the Committee on Payments and Market Infrastructure (CPMI) together with the International Organization of Securities Commissions (IOSCO), and follows after the organizations had conducted a three-month public consultation after a prior version of the report was released.
The document is intended to supplement the guidelines already contained in the Principles for Financial Market Infrastructures (PFMI) and not intended to add additional standards. Instead, the guidance aims to increase awareness on relevant matters while aiming to provide international consistency as markets are intertwined and pose systemic risks to cyber hacks.
Cyber Guidance for FMIs
An introduction to the report states that the safe and efficient operations of financial market infrastructures (FMIs) is essential for economic growth and financial stability to be maintained and promoted.
The report aims to standardize the industryβs ongoing efforts to improve cyber resilience, by implementing international consistency across FMIs β including their ability to anticipate and respond to cyber-attacks effectively.
Areas highlighted in the report include how FMIs should have methods and processes to identify potential cyber threats, as well as how threat intelligence is processed, and the scope of cyber threat intelligence gathering.
Approaches to cyber risk
The 32-page BIS report also discussed areas where FMIs need to have measures to acquire new knowledge and capabilities related to cyber risk, and a predictive capacity, as well as planning ahead, and the use of Information-sharing including in groups.
Cyber Guidance provided in the report aims to also give authorities a set of internationally-agreed guidelines, in order to help support oversight and supervision of FMIs in a consistent manner with regard to cyber risk.
The news follows on the heels of recent major cyber heists in finance, including $81 million from accounts belonging to the Central Bank of Bangladesh via Malware intrusion into SWIFT's client software, and more recently cryptocurrency-related breaches into Gatecoin via a hot wallet cyber attack last month, and followed by a hack into the DAO network which runs Ethereum - just two weeks ago.
The report comes two days after the Central Bank of Bangladesh ended its contract with FireEye,- according to reports by Reuters - after the country's central bank had hired the security firm to investigate the $81 million cyber theft.