The Group of Seven bloc of industrial nations this week issued a communiqué outlining eight high-level, non-binding “fundamental elements” of cyber security for the financial sector that are meant to be building blocks for strong network security.
“The elements serve as the building blocks upon which an entity can design and implement its cybersecurity strategy and operating framework, informed by its approach to risk management and culture,” says the Oct. 11 statement issued by the G7 finance ministers and central bank governors.
The communiqué points to more frequent and dangerous cyber attacks that are “threatening to disrupt our interconnected global financial systems and the institutions that operate and support those systems.”
Earlier this year it was reported that cyber thieves using stolen credentials were able to move tens of millions of dollars from the Bank of Bangladesh account with the New York Federal Reserve Bank to fraudulent accounts in the Philippines and Sri Lanka using a global financial messaging system.
The cyber security elements are applicable to private and public sector financial entities and are flexible to allow an organization to “systematically re-evaluate its cybersecurity strategy and framework as the operational and threat environment evolves,” the statement says.
The eight elements include a cyber security strategy and framework, governance, risk and control assessment, monitoring, response, recovery, information sharing, and continuous learning.
The G7 members are the United States, Canada, France, Germany, Italy, Japan and the United Kingdom.