On 20 April 2020, the Financial Stability Board (FSB) published a consultation report on Effective Practices for Cyber Incident Response and Recovery.
In its consultation report the FSB sets out a toolkit of effective practices that aims to assist organisations in their cyber incident response and recovery activities. The toolkit lists 46 effective practices, structured across seven components:
- Governance – frames how cyber incident and recovery is organised and managed.
- Preparation – to establish and maintain capabilities to respond to cyber incidents, and to restore critical functions, processes, activities, systems and data affected by cyber incidents to normal operations.
- Analysis – to ensure effective response and recovery activities, including forensic analysis, and to determine the severity, impact and root cause of the cyber incident to drive appropriate response and recovery activities.
- Mitigation – to prevent the aggravation of the situation and eradicates cyber threats in a timely manner to alleviate their impact on business operations and services.
- Restoration – to repair and restore systems or assets affected by a cyber incident to safely resume business-as-usual delivery of impacted services.
- Improvement – to establish processes to improve response and recovery capabilities through lessons learnt from past cyber incidents and from proactive tools, such as tabletop exercises, tests and drills.
- Coordination and communication – to coordinate with stakeholders to maintain good cyber situational awareness and enhances the cyber resilience of the ecosystem.
The effective practices are meant to serve as a toolkit of options rather than applied in a one-size-fits-all manner, as not all practices are applicable to every organisation or in every cyber incident. The toolkit does not constitute standards for organisations or their supervisors and is not a prescriptive recommendation for any particular approach.
The deadline for comments on the consultation report is 20 July 2020. The final toolkit, taking on board the feedback from the consultation, will be sent to the October G20 Finance Ministers and Central Bank Governors meeting and published.