G-7 emits cybersecurity guidelines for financial sector

Cyberattacks are increasing as hackers deploy more sophisticated schemes to target high-level officials, financial institutions and governments. So far many have been caught off guard and the lack of a complex cybersecurity strategy in this landscape has been more than evident.

The G-7 Cyber Expert Group released some fundamental elements of cybersecurity to help entities in the financial sector protect themselves from cyberattacks. Canada, France, Germany, Italy, Japan, the UK and the US, which form the economic consortium, were asked about their strategy to protect themselves from cybercriminals and the roadblocks they had encountered in trying to minimize risk.

The elements discuss principles for cybersecurity strategy and framework, governance, risk and control assessment, monitoring, response, recovery, information sharing and continuous review of gaps and lessons learned.

“The fundamental elements announced today are a significant achievement in our efforts to cooperate and improve cybersecurity within our countries,” said Treasury Deputy Secretary Sarah Bloom Raskin, co-chair of the G-7 Cyber Expert Group. “They are also a testament to the growing international resolve to counter cyberattacks and I encourage private and public sector leaders alike to use them to drive and fortify their institutions” cybersecurity and resiliency.”

The regular cyberattacks on banks across the globe and on the SWIFT system confirm the financial sector is one of the most exposed to cyberattacks. Energy and telecommunications also top the list. Evaluating the measures of countries in the G-7 lets authorities in other jurisdictions use them to update public policy and enhance regulatory and supervisory efforts.

When setting up the cybersecurity strategy, entities should tailor the frameworks “to their nature, size, complexity, risk profile, and culture,” clearly define roles and responsibilities for chose in charge of the proper flow of the cybersecurity strategy. Thoroughly identify risks and implement controls because “the sector”s critical economic functions range from deposit taking, lending, and payments to trading, clearing, settlement, and custody.” Constantly monitor activities to detect attacks and regularly evaluate processes, time of response and testing.

“The international financial architecture is only as strong as its weakest link and that is why the United States should work with our partners around the world to bolster their information security and resiliency,” said Federal Reserve Board Vice Chairman Stanley Fischer. “These elements are a crucial step in further hardening each link in the chain of our global financial system.”