Euro Cyber Resilience Board for pan-European Financial Infrastructures: The Euro Cyber Resilience Board for pan-European Financial Infrastructures (ECRB) has played a key role in protecting the security and integrity of the financial system from these threats.
The proliferation of cyber threat actors combined with an increase in remote working and greater digital interconnectedness is raising the risk, frequency and severity of cyberattacks. Increasingly, cyber criminals are launching ransomware attacks and demanding payment in crypto. Cyberattacks related to geopolitical developments – Russia’s aggression against Ukraine in particular – have also become a more common feature of the cyber-threat landscape.
The Euro Cyber Resilience Board for pan-European Financial Infrastructures (ECRB) has played a key role in protecting the security and integrity of the financial system from these threats. The last three years have shown that we can work under adverse conditions towards a common goal. Our financial infrastructures have proven their resilience to cyber threats. But this does not mean we can become complacent or any less vigilant in the face of cyber threats. We simply cannot afford to fall behind the curve: cybersecurity must be the backbone of digital finance.
Today I will take stock of the ECRB’s work. I will then discuss current cyber threats and emerging risks before outlining the implications for our work in the future.
The contribution of the Euro Cyber Resilience Board
The ECRB brings together private and public stakeholders across pan-European financial infrastructures, critical service providers, central banks and other authorities. This offers a unique prism through which the ECRB can identify and fix any weaknesses which cyberattacks could potentially exploit in order to propagate, which in turn would cause systemic ripples throughout the European financial ecosystem.
Let me give three examples of why the ECRB is such a useful forum for cooperation.
First, in the area of information sharing, the ECRB’s Cyber Information and Intelligence Sharing Initiative (CIISI-EU) allows members to exchange information about cyber threats and mitigation in a secure and trusted group environment.
Second, the ECRB has established a crisis coordination protocol that facilitates cooperation and coordination, allowing members to exchange and respond to major cyber threats and incidents.
Third, in the area of training and awareness, the ECRB conducts joint assessments and training sessions to increase common knowledge and understanding. A key pillar of the ECB’s cyber strategy for financial infrastructures is the TIBER-EU framework for threat-led penetration testing, also known as red teaming. In June 2022 the ECRB organised a dedicated roundtable on TIBER-EU where members shared their experience of these kinds of exercises.
In view of their systemic role in the financial system, we will continue to focus on pan-European financial infrastructures. Nonetheless, financial infrastructures are increasingly interdependent through horizontal and vertical links and common participants. They are also reliant on information and communication technology and on third-party service providers. As a result, these infrastructures are exposed to common risks and vulnerabilities through which cyberattacks could propagate swiftly if they are not rigorously managed. The ECRB allows us to join forces to address these risks on a sector-wide level.
ECB
© ECB - European Central Bank
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article