Cyber risks, a new threat to financial stability
Many of us take it for granted to withdraw money from our bank account and electronically transfer it to a family member in another country and pay bills over the internet. Amid the global pandemic, we have realized the importance of digital connectivity in our daily lives. But what if a cyber attack interrupts banking and the required transfer does not arrive?
The number of cyber-attacks has tripled in the last decade as our reliance on digital financial services has increased and financial services remain at the greatest risk. It is clear that cybersecurity has become a threat to financial stability.
Given the strength of the financial and technological context, a successful attack on a large financial institution, platform, or multi-use service could quickly spill over into the financial system, causing widespread disruption and loss of value. Trust. Transactions can fail because liquidity is blocked and families and businesses lose access to deposits and payments. In such a severe scenario, investors and depositors could demand their money or attempt to terminate their accounts or other services and products that they regularly use.
Hacking tools are now cheaper, simpler, and more powerful, allowing hackers with limited skills to do more damage at a fraction of the previous cost. The expansion of mobile services, which for many is the only technology platform, increases the opportunities for hacking. Attackers target large and small companies, rich and poor countries, and operate across borders. Therefore, combating cybercrime and reducing its risks must be a shared responsibility between and within countries.
While financial institutions remain the primary daily operators of risk management - maintaining networks, updating software, and implementing robust cyber cleanup - common challenges also need to be addressed and the requirements identified, implications and interrelationships between different parts of the financial system. System. Incentives to invest in protection are inadequate for individual companies, and regulation and policy intervention are needed to avoid underinvestment and protect the entire financial system from the consequences of possible attacks.
With regard to legislative convergence, greater international coherence in regulation and supervision will reduce compliance costs and provide a platform for increased cross-border cooperation. Efforts have been made to improve coordination and rapprochement between international organizations such as the Financial Stability Board, the Committee on Financial Markets Infrastructures and Payments, and the Basel Committee. National authorities should cooperate in implementing the implementation.
In terms of the ability to respond to the increasing prevalence of cyber attacks, the financial system must be able to quickly resume operations even in the event of a successful attack where stability is protected. Especially in low-income countries, so-called reaction and revitalization strategies are still emerging and therefore need support
In relation to the desire for joint action, increased information sharing on threats, attacks and responses between the public and private sectors would improve deterrence and effective response capabilities. However, significant obstacles remain, often related to national security concerns and data protection laws. Regulators and central banks should implement information-sharing protocols and practices that function effectively within these constraints. Existing obstacles can be removed through a globally accepted information exchange model, increased use of shared information platforms and expanded trust networks.
With stronger deterrence, cyber attacks are expected to become more expensive and dangerous through effective measures to confiscate the proceeds of crime and prosecute criminals. By stepping up international efforts to prevent, disrupt and deter attackers, risks at their source can be reduced. This requires close cooperation between law enforcement authorities and the national authorities responsible for critical infrastructures or security in all relevant states and authorities. Since hackers don't see borders, fighting global crime requires enforcing agreed laws around the world.
In terms of capacity building, helping developing and emerging economies build their cybersecurity capacity building will improve financial stability and support financial inclusion. Low-income countries are very vulnerable to cyber risks. The COVID-19 pandemic crisis has underscored the critical role of electronic connectivity in developing countries. Using technology in a way that ensures security and protection will remain a central theme of development, and with it the need to ensure that cyber risks are addressed. And as with any virus, the spread of cyber threats in any country makes the rest of the world less secure.
To fill all of these gaps, standardization agencies, national regulatory agencies, regulators, industry associations, the private sector, law enforcement agencies, international organizations and authorities need to work together with other service providers and donors. Capacity building. The Fund focuses its efforts on assisting low-income countries, providing capacity-building services for financial regulators, highlighting the problems of these countries and their prospects for international organizations and through discussions. Politics in which these countries are not sufficiently represented.
Hacking tools are now cheaper, simpler, and more powerful, allowing hackers with limited skills to do more damage at a fraction of the previous cost. The expansion of mobile services, which for many is the only technology platform, increases the opportunities for hacking. Attackers target large and small companies, rich and poor countries, and operate across borders. Therefore, combating cybercrime and reducing its risks must be a shared responsibility between and within countries.
While financial institutions remain the primary daily operators of risk management - maintaining networks, updating software, and implementing robust cyber cleanup - common challenges also need to be addressed and the requirements identified, implications and interrelationships between different parts of the financial system. System. Incentives to invest in protection are inadequate for individual companies, and regulation and policy intervention are needed to avoid underinvestment and protect the entire financial system from the consequences of possible attacks.
In our view, we see that many national financial systems are not yet ready to face attack and that international coordination remains weak. In new research by IMF experts, we have developed six core strategies that will significantly strengthen cybersecurity and improve financial stability worldwide.
With cyber mapping and risk quantification, a better understanding of the interdependencies in the global financial system can be achieved by mapping the most important operational and technological relationships and the critical infrastructure. Better integration of cyber risks into financial stability analysis improves the ability to understand and mitigate systemic risks. Quantifying the potential impact will help target the response and encourage greater engagement with the problem. Work in this area is still young, partly due to a lack of data on the impact of cyber events and challenges to the modeling process. However, it needs to be accelerated as its importance increases.With regard to legislative convergence, greater international coherence in regulation and supervision will reduce compliance costs and provide a platform for increased cross-border cooperation. Efforts have been made to improve coordination and rapprochement between international organizations such as the Financial Stability Board, the Committee on Financial Markets Infrastructures and Payments, and the Basel Committee. National authorities should cooperate in implementing the implementation.
In terms of the ability to respond to the increasing prevalence of cyber attacks, the financial system must be able to quickly resume operations even in the event of a successful attack where stability is protected. Especially in low-income countries, so-called reaction and revitalization strategies are still emerging and therefore need support
In relation to the desire for joint action, increased information sharing on threats, attacks and responses between the public and private sectors would improve deterrence and effective response capabilities. However, significant obstacles remain, often related to national security concerns and data protection laws. Regulators and central banks should implement information-sharing protocols and practices that function effectively within these constraints. Existing obstacles can be removed through a globally accepted information exchange model, increased use of shared information platforms and expanded trust networks.
With stronger deterrence, cyber attacks are expected to become more expensive and dangerous through effective measures to confiscate the proceeds of crime and prosecute criminals. By stepping up international efforts to prevent, disrupt and deter attackers, risks at their source can be reduced. This requires close cooperation between law enforcement authorities and the national authorities responsible for critical infrastructures or security in all relevant states and authorities. Since hackers don't see borders, fighting global crime requires enforcing agreed laws around the world.
In terms of capacity building, helping developing and emerging economies build their cybersecurity capacity building will improve financial stability and support financial inclusion. Low-income countries are very vulnerable to cyber risks. The COVID-19 pandemic crisis has underscored the critical role of electronic connectivity in developing countries. Using technology in a way that ensures security and protection will remain a central theme of development, and with it the need to ensure that cyber risks are addressed. And as with any virus, the spread of cyber threats in any country makes the rest of the world less secure.
To fill all of these gaps, standardization agencies, national regulatory agencies, regulators, industry associations, the private sector, law enforcement agencies, international organizations and authorities need to work together with other service providers and donors. Capacity building. The Fund focuses its efforts on assisting low-income countries, providing capacity-building services for financial regulators, highlighting the problems of these countries and their prospects for international organizations and through discussions. Politics in which these countries are not sufficiently represented.