1. Introduction
Enhancing cyber resilience is a key priority for financial authorities and FIs and has been a key element of the FSB's work programme to promote financial stability. This work has included developing a better understanding of supervisory and regulatory practices around cyber security [FSB (2017), Summary Report on Financial Sector Cyber security Regulations, Guidance and Supervisory Practices, October.], creating a common language related to cyber through the development of a Cyber Lexicon [FSB (2023).] and establishing a toolkit of effective practices for cyber incident response and recovery [FSB (2020), Effective Practices for Cyber Incident Response and Recovery, October.]. In many jurisdictions, financial authorities have introduced CIR requirements for FIs, which are crucial for effective policy response and promoting financial stability. Over the last decade however, meaningful differences have and continue to emerge in the requirements and practices associated with CIR, which the FSB explored in greater detail in its 2021 stocktake [FSB (2021), CIR: Existing Approaches and Next Steps for Broader Convergence, October.].