The Financial Stability Board (FSB) provided their consultation report, Effective Practices for Cyber Incident Response and Recovery, to the G20 Finance Ministers and Central Bank Governors for their April 15th virtual meeting. The report is a toolkit of 46 effective practices to address “cyber incident response and recovery activities”.
According to the FSB report, the effective practices consist of seven of the following components:
- Governance - frames how cyber incident and recovery is organised and managed.
- Preparation – to establish and maintain capabilities to respond to cyber incidents, and to restore critical functions, processes, activities, systems and data affected by cyber incidents to normal operations.
- Analysis – to ensure effective response and recovery activities, including forensic analysis, and to determine the severity, impact and root cause of the cyber incident to drive appropriate response and recovery activities.
- Mitigation – to prevent the aggravation of the situation and eradicates cyber threats in a timely manner to alleviate their impact on business operations and services.
- Restoration – to repair and restore systems or assets affected by a cyber incident to safely resume business-as-usual delivery of impacted services.
- Improvement – to establish processes to improve response and recovery capabilities through lessons learnt from past cyber incidents and from proactive tools, such as tabletop exercises, tests and drills.
- Coordination and communication – to coordinate with stakeholders to maintain good cyber situational awareness and enhances the cyber resilience of the ecosystem.
For more information on the FSB press release, visit their website here.