Introduction section Cybersecurity: the occasional paper "Proposal for a common categorization of IT incidents" by the G-7 Cyber Expert Group (CEG) has been published

Cybersecurity: the occasional paper "Proposal for a common categorization of IT incidents" by the G-7 Cyber Expert Group (CEG) has been published

Ten financial authorities (Autorité de Contrôle Prudentiel et de Résolution, Banca d’Italia, Commissione Nazionale per le Società e la Borsa, Deutsche Bundesbank, European Central Bank, Federal Reserve Boarde, Financial Conduct Authority, Ministero dell’Economia e delle Finanze, Prudential Regulation Authority e U.S. Treasury) that are members of the G-7 Cyber Expert Group (CEG), representing six of the G-7 jurisdictions, European Union, France, Germany, Italy, United Kingdom and United States, have collaborated to formulate a proposal for a common categorisation of malicious cyber incidents (cyber-attacks) and other information technology (IT) incidents. This proposal is detailed in this Occasional Paper and responds to the challenge that the Finance Ministers and Central Banks Governors presented at their G-7 Finance track meeting in Chantilly in July 2019.
The aim of the proposal is to promote the harmonisation of the various incident reports that authorities require from financial institutions, by defining common principles and developing a common taxonomy for incident reporting. The adoption of these common principles and this common taxonomy would make incident reporting more robust and effective by facilitating a common understanding of incidents, the sharing of information, and the joint management of IT crises of international scope. The participating authorities have taken into account in their proposal the observations made by the representatives of their respective financial sectors.

 

In this sector, in the first months of 2021 the Financial Stability Board (FSB) started working on the reporting of IT incidents and the results will be reported to the G-20.

Related Content