Search Results

You are looking at 1 - 10 of 93 items for :

  • "incident reporting" x
Clear All
International Monetary Fund. Monetary and Capital Markets Department

of national and sectoral computer emergency response teams. In addition to its legal prerogatives, this role has the potential to strengthen the CBB’s credibility and soft power in cybersecurity supervision. 8. Cybersecurity incident reporting is standardized with a reporting template . The cybersecurity incident reporting template adequately covers the different elements of the incident, in other words, the occurrence and detection time of the incident, the attack vectors deployed by the cyber attackers, the classification and the impact assessment. Furthermore

International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk is embedded in the CBB’s supervisory framework, but additional enhancements are needed to formalize guidance and develop more intensive supervisory practices. Supervisory expectations on cybersecurity are presented in an informal guidance note, which should be formalized into regulation to ensure enforceability; and an IT/cybersecurity supervisory manual should be developed to promote effective and consistent practices. With its principle-based guidance note, the CBB highlights its priorities in strengthening the cybersecurity posture of Belizean financial institutions. The principles are an appropriate interpretation of international best practices on incident prevention, detection, response, and recovery measures, adapted to the cyber maturity of the Belizean financial institutions, and can be used as a foundation for the formalized guidelines. The manual could emphasize the review of cybersecurity strategies, policies, and responsibility specifications and should address obtaining assurance on the effectiveness of the financial institutions’ processes for cyber risk identification, assessment, and mitigation.
International Monetary Fund. Monetary and Capital Markets Department

of, and response to, changes in cybersecurity threat patterns in the financial sector. Cybersecurity incident reports are an additional tool for the FSA and Norges Bank to understand the level of cyber-resilience of the financial sector and to respond to cyber-attacks in a timely and coordinated manner. Further improvements in the collection, sharing and handling of information on cybersecurity incidents are recommended . Clear qualitative and/or quantitative thresholds, as well as clearer processes and formats on the reporting of cybersecurity incidents, could

International Monetary Fund. Monetary and Capital Markets Department
The Norwegian financial system has a long history of incorporating new technology. Norway is at the forefront of digitization and has tight interdependencies within its financial system, making it particularly vulnerable to evolving cyber threats. Norway is increasingly a cashless society, with surveys and data collection suggesting that only 10 percent of point-of-sale and person-to-person transactions in 2019 were made using cash.1 Most payments made in Norway are digital (e.g., 475 card transactions per capita per annum)2 and there is an increase in new market entrants providing a broad range of services. Thus, good cybersecurity is a prerequisite for financial stability in Norway.
Tamas Gaidosch, Frank Adelmann, Anastasiia Morozova, and Christopher Wilson

, domains, indicators of compromise, etc.); adversary tactics, techniques, and procedures; best practices; security tool confgurations; threat analysis; and cyber incident details. The goal of the information gathering and analysis is to help build a threat profile for each individual supervised firm, and in their combination a threat profile for the complete financial sector. Incident reporting by supervised firms is a key component of understanding the threat landscape. Well-designed incident reporting frameworks are needed to help gather data on trends in the