In the midst of several large cyberattacks in 2017, the European Commission adopted its multi-sector cybersecurity package in September of that same year. Whereas this initiative can be expected to contribute to strengthening the cyber-resilience and response of EU financial firms, several policy issues and unanswered questions remain. In order to analyse the issues that are considered to be relevant to financial fields (retail banking, corporate banking, capital markets, financial infrastructure and insurance), CEPS-ECRI organised a Task Force between September 2017 and May 2018 with a group of experts from the financial industry, tech industry, national supervisors and European institutions, as well from a consumer association and a law firm.
In this book, based on the Final Report, the Task Force members identify nine policy issues that need to be further addressed in order to bolster the financial industry’s cyber-resilience against current and future threats.
Executive Summary / 1. Characterisation of cyber-incidents / 2. Need for convergence in incident reporting schemes / 3. Optimising information sharing / 4. Need for benchmark statistics on cyber-trends / 5. Complementary policies to reinforce prevention / 6. Complementary policies to strengthen responses in case of cyberattacks / Conclusions / Annex Task Force Members, Observers and Speakers
Sylvain Bouyon is a Research Fellow and Head of Fintech and Retail Finance at CEPS and ECRI.
Simon Krause is a Visiting Researcher at CEPS.