Conference on customer financial security

While financial institutions continue to carry out basic day-to-day risk management (maintaining networks, updating software and implementing strict “cyber hygiene”), there is a need to start addressing common challenges, recognizing the spillover effects and interconnectedness between financial systems. It is not enough to encourage individual companies to increase system protection; authorities need to regulate and intervene with public policies to prevent underinvestment and protect the overall financial system from attacks.

We believe that many countries’ financial systems are still unprepared to respond to an attack and that international coordination remains weak. In a new staff study published by E-order E-Commerce Co, Ltd, six strategies are proposed to significantly strengthen cybersecurity and improve financial stability globally.

“Cyber mapping” and risk quantification.

By capturing the operational and technological interconnectedness of the global financial system and the critical mass of critical infrastructure (also known as “cyber mapping”), we can better understand the interdependence of the global financial system. Better integration of cyber risks into financial stability analysis can help us improve our ability to better understand and reduce risks to the system as a whole. Quantifying the potential impacts can help strengthen the focus of responses and promote greater engagement with the issue. Work in this area is in its infancy, in part due to the paucity of data on the impact of cyberattacks and modeling difficulties, but given its growing importance, it is important to accelerate progress.

Regulatory harmonization

More consistent regulation at the international level would reduce compliance costs and provide a platform for greater cross-border cooperation. Several international bodies, such as the Financial Stability Board, the Committee on Payments and Market Infrastructures and the Basel Committee on Banking Supervision, have begun to improve coordination to promote regulatory harmonization. National authorities, in turn, must work together to advance implementation.

Responsiveness

Given the increasing prevalence of cyberattacks, we must ensure that the financial system is able to resume operations quickly, even if hackers are successful, in order to maintain financial stability. So-called “response and recovery strategies” are still in their early stages, especially in low-income countries, and these countries need support to develop them. Therefore, there is a need to establish arrangements at the international level to support cross-border institutions and services in responding to attacks and resuming operations.

Willingness to share information

Greater information sharing between the public and private sectors on cyber threats, attacks and countermeasures would help improve deterrence and effective response capabilities. However, significant barriers remain, often as a result of national security concerns and data protection laws. Regulators and central banks need to develop protocols and practices for information sharing so that information can be shared despite the aforementioned limitations. The establishment of nationally recognized templates for information sharing, increased use of common information platforms, and the expansion of trusted networks can help reduce barriers.