On November 12, the Financial Stability Board (FSB) published a Cyber Lexicon, designed to help financial institutions around the globe address “financial sector cyber resilience.” The Cyber Lexicon sets forth definitions for 54 “core terms related to cybersecurity and cyber resilience in the financial sector.”
“Cyber Resilience,” one of the 54 defined terms, is defined as “The ability of an organization to continue to carry out its mission by anticipating and adapting to cyber threats and other relevant changes in the environment and by withstanding, containing and rapidly recovering from cyber incidents.”
Each definition in the Lexicon is accompanied by its source. In the case of “Cyber Resilience,” the definition was “Adapted from CERT Glossary (definition of ‘Operational resilience’). CPMI-IOSCO and NIST (definition of ‘Resilience’)”.
According to the accompanying FSB press release, the Cyber Lexicon is expected to support the work of the FSB, standard-setting bodies, regulatory authorities, and financial institutions in the following areas:
- Cross-sector common understanding of relevant cybersecurity and cyber resilience terminology;
- Work to assess and monitor financial stability risks of cyber risk scenarios;
- Information sharing as appropriate; and
- Work by the FSB and/or standard-setting bodies to provide guidance related to cyber security and cyber resilience, including identifying effective practices.
The FSB was established to coordinate at the international level the work of national financial authorities and international standard-setting bodies in order to develop and promote the implementation of effective regulatory, supervisory and other financial sector policies in the interest of financial stability. It brings together national authorities responsible for financial stability in 24 countries and jurisdictions, international financial institutions, sector-specific international groupings of regulators and supervisors, and committees of central bank experts.