The Basel, Switzerland-based Financial Stability Board today issued a toolkit of 49 cyber incident response and recovery practices for financial institutions. Released after a public consultation earlier this year, these practices are organized into seven categories: governance; planning and preparation; analysis; mitigation; restoration and recovery; coordination and communication; and improvement.
“The toolkit is not intended to create an international standard, or constitute standards for organizations and their supervisors,” the FSB said in its introduction. “It is not a prescriptive recommendation for any particular approach. The toolkit is designed as a range of effective practices that any organization can choose from, based on its size, complexity and risks.”