Conclusion
Enhancing cyber resilience requires a multifaceted approach comprising activities to support the Protect, Detect, Respond and Recover functions. [FSB (2018), pages 10 and 11 for definitions of the Protect and Detect functions.] While organisations look to preventative capabilities to enhance their Protect and Detect functions, well-established response and recovery capabilities are essential to reduce the impact of a cyber incident and minimise the risk of contagion in the financial system.
This toolkit provides a set of effective practices that serve as building blocks for enhancing CIRR activities. Organisations can adopt and adapt from the range of practices in the toolkit to cater to the complexity of their IT environments and changing business models. Organisations and authorities alike will also evolve good practices in response to the changing cyber threat landscape, as they learn from their own experiences and gain additional insights from cyber incidents and near misses in terms of methods used and vulnerabilities exploited.
CIRR concerns all organisations in the financial ecosystem as the financial system is only as strong as its weakest link. Therefore, organisations and authorities must collectively strengthen their capabilities through frequent engagements in information sharing, exchange of best practices and cyber-related exercises.