Cyber resilience, information security and operational continuity

Size: px

Start display at page:

Download "Cyber resilience, information security and operational continuity"

Coleen Joseph
6 years ago
Views:

1 Cyber resilience, information security and operational continuity Global Payments Week Torino, September 20/2016

2 Introduction The CPMI published earlier this year the Guidelines for cyber resiliency for financial market infrastructures, aimed at helping FMIs to improve their cyber resilience frameworks. Recent cyber attacks have highlighted the increasing importance that cyber security has taken for central banks and, in general, for financial institutions. Due to their potential to create havoc, cyber attacks pose important risks to the financial system. Considering the role that central banks play in financial stability, is of utmost importance that these institutions analyze the risks that cyber threats represent. 2

3 Threats Attacks and attackers are becoming highly sophisticated, meticulously organized and cross-border. Financial institutions, including central banks, now confront an organized criminal industry Financial services have become particularly IT-intensive, with products mostly being offered through electronic channels. By compromising the confidentiality and integrity of information, cyber attacks can disrupt financial services and undermine public trust. Additionally, the financial industry is highly interconnected. Thus, the consequences of a succesful cyber attack could spread rapidly and may be hard to contain, affecting financial services that are time-critical. 3

4 Challenges Cyber risks evolve constantly. Cyber criminals can adapt much faster to new tools and technology than traditional financial institutions, and their motivations are diverse. It is difficult to characterize them and to establish one-size-fits-all mechanisms to contain them. Financial institutions personnel can be willing or unwilling participants in cyber attacks. How to achieve a balance between efficient and secure operating processes? How to make sure that only qualified and trusted staff are in charge of critical systems and processes? FMIs need to comply with the 2-hour RTO established by PFMIs, even in case of a cyber attack. 4

5 Preparation Central banks have experience regarding cyber security and operational continuity, given their role as FMI operators. However, additional steps are required to be fully prepared. Disaster Recovery Plans (DRPs) and Business Continuity Plans (BCPs) need to be set up and continuously tested. Central banks have to establish minimum requirements on cyber security and operational continuity on their regulation and supervise them continuously. Cooperation among central banks and financial institutions is fundamental to sharing information and preventing propagation of cyber attacks and threats. 5

6 Bank of Mexico s experience Bank of Mexico has implemented several actions in order to enhance its cyber security framework: Participation in international groups to share information, to stay updated on new cyber threats. Yearly internal and external cyber security evaluations of the technological infrastructure used by the payment systems, in particular by the Mexican RTGS, SPEI. Implementation of high availability mechanisms in SPEI, in case the main site is unavailable. Establishment of cyber security and operational continuity requirements for participants in the payments systems operated by the central bank. A permanent supervision program of those requirements. Initial steps to establish a working group on cyber security and operational continuity for SPEI Development of the BCP for SPEI. Regular DRP exercises with participants. 6

7 Discussion Central banks need to take cyber threats very seriously. In particular, the LAC region has to enhance its level of preparedness to handle and contain cyber attacks. In this session, we will discuss and share experiences in this important subject. How your institution has been affected by cyber attacks? How operational risk is handled by central banks and FMIs? How coordination and sharing of information help to improve cyber incident management? What actions have been taken by your institutions to regulate and supervise cyber and operational continuity requirements? We hope that this session will be helpful and promote effective actions in our own jurisdictions. 7

Wiebe Ruttenberg & Emran Islam DG Market Infrastructure & Payments. From Cyber Threats via Cyber Security to Cyber Resilience

Wiebe Ruttenberg & Emran Islam DG Market Infrastructure & Payments From Cyber Threats via Cyber Security to Cyber Resilience AMISeCo meeting, 7 March 2017 Rubric Cyber threats landscape Cyber threats are