G7 countries adopt reports on cybersecurity

Cybersecurity in the financial sector remains of key importance for G7 countries. The G7 Cyber Expert Group, with members from the Federal Ministry of Finance, the Bundesbank and the Federal Financial Supervisory Authority (BaFin) representing Germany, drew up two additional reports setting out the fundamental elements for risk management. These were adopted by the G7 finance ministers and central bank governors on 11 October 2018 on the margins of the IMF’s annual meeting in Bali, and are of an advisory nature.

The G7 Fundamental Elements for Third Party Cyber Risk Management in the Financial Sector primarily include risk management components for the financial sector regarding individual use and interacting with third parties, such as cloud service providers, while also pointing out potential systemic risks.

The G7 Fundamental Elements for Threat-Led Penetration Testing provide the financial sector with guidelines on how they can better assess their cyber resilience by means of simulated cyber attacks.

Besides the fundamental elements just adopted, Fundamental Elements of Cybersecurity for the Financial Sector and Fundamental Elements for Effective Assessment of Cybersecurity for the Financial Sector were already published in 2016 and 2017.