Executive summary
Cyber incidents [A cyber incident is a cyber event that: (i) jeopardizes the cyber security of an information system or the information the system processes, stores or transmits; or (ii) violates the security policies, security procedures or acceptable use policies, whether resulting from malicious activity or not. See FSB (2018) Cyber Lexicon, November, page 9.] pose a threat to the stability of the global financial system. In recent years, there have been a number of cyber incidents that have significantly impacted financial institutions and the ecosystems in which they operate. [The twin episodes of the NotPetya and the WannaCry ransomware attacks in 2017, for example, showed the potential of cyber incidents to be both widespread and devastating.] A significant cyber incident, if not properly contained, could seriously disrupt the financial system, including critical financial infrastructure, leading to broader financial stability implications.
Efficient and effective response to and recovery from a cyber incident by organisations in the financial ecosystem are essential to limit any related financial stability risks. Such risks could arise, for example, from interconnected IT systems between multiple financial institutions or between financial institutions and third-party service providers, from loss of confidence in a major financial institution or group of financial institutions, or from impacts on capital arising from losses due to the incident. The cyber resilience of organisations is crucial for the smooth functioning of the financial system and for engendering financial stability.