The Basel, Switzerland-based Financial Stability Board today sought public feedback on a set of 46 cyber incident response and recovery practices for financial institutions. These practices are organized into seven categories, and comments are due by July 20.
The seven categories are governance, preparation, analysis, mitigation, restoration, improvement and coordination and communication. While they are designed to inform national regulators’ cybersecurity approaches, “the effective practices are meant to serve as a toolkit of options rather than applied in a one-size-fits-all manner, as not all practices are applicable to every organization or in every cyber incident,” the FSB said. “The toolkit does not constitute standards for organizations or their supervisors and is not a prescriptive recommendation for any particular approach.”