Advertisement

G-7 out with cyber guidance for banks

The guidance is the first real effort to establish transnational standards for cybersecurity in perhaps the most high-stakes sector of all — financial services.
DanaBot
(Getty)

The G-7 group of leading economies published very high-level cybersecurity guidance for public and private sector financial institutions on Tuesday.

The guidance is the first real effort to establish transnational standards for cybersecurity in perhaps the most high-stakes sector of all — financial services.

It comes after a number of online attacks on SWIFT, the global interbank messaging system, including a successful compromise in February that stole $81 million from the Bangladeshi central bank’s account at the New York Federal Reserve and laundered it through Philippine casinos.

“Sovereign borders do not contain these [online] threats, and accordingly, nations must work together to address them,” Treasury Deputy Secretary Sarah Bloom Raskin warned in a statement. The G-7 is made up of the seven largest developed economies — Britain, Canada, France, Germany, Italy, Japan and the United States.

Advertisement

Raskin, co-chair of the G-7 Cyber Expert Group, which drafted the three-page non-binding guidance, said it aimed to provide eight “fundamental elements” of cybersecurity based on an “emerging consensus” about best practices.

“It has to be dynamic,” she said, noting that threats change and evolve constantly.

The eight fundamental elements are:

  • Having a cybersecurity strategy and framework;
  • Governance — make sure that those with cybersecurity responsibilities also have the authorities and can be held accountable;
Advertisement
  • Assess risks, implement appropriate controls;
  • Network monitoring — to identify cyber incidents and measure the effectiveness of controls;
  • Response planning and coordination;
  • Recovery preparation;
  • Information sharing; and
Advertisement
  • Continuous learning

Officials stressed how the financial services sector is connected on a global level, highlighting the importance of transnational guidance.

“The international financial architecture is only as strong as its weakest link and that is why the United States should work with our partners around the world to bolster their information security and resiliency,” said Federal Reserve Board Vice Chairman Stanley Fischer.

He called the eight fundamental elements “a crucial step in further hardening each link in the chain of our global financial system.”

But the immediate ambition of the project seems more limited.

Advertisement

“We hope [it will] drive a common lexicon,” said a Treasury official. “We hope it will … identify, across the G-7, where there might be, not just different approaches, but different vulnerabilities.”

Shaun Waterman

Written by Shaun Waterman

Contact the reporter on this story via email Shaun.Waterman@FedScoop.com, or follow him on Twitter @WatermanReports. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at CyberScoop.com.

Latest Podcasts