The G7 adopts new principles to strengthen the cyber security of the global financial system

The G7 continues in its efforts to strengthen the digital resilience of the financial system. The Finance Ministers and Central Bank Governors recently approved the publication of a set of principles on third-party cyber risk management (G7 Fundamental Elements for Third Party Cyber Risk Management in the Financial Sector) and on countering ransomware risks (G7 Fundamental Elements of Ransomware Resilience for the Financial Sector).

The G7 Fundamental Elements for Third Party Cyber Risk Management in the Financial Sector update the principles published in 2018 on the same topic in relation to the increasing use of ICT services outsourcing and to the new forms of cyber threats to the supply chain. The document includes recommendations addressed to financial entities and authorities on the continuous monitoring of relations with third parties. identifying critical service providers and mitigating the risks linked to concentration risks.

The G7 Fundamental Elements of Ransomware Resilience for the Financial Sector contain recommendations for public and private financial entities on how to address the growing threat of ransomware attacks, identifying the minimum measures to be adopted both to prevent and to mitigate the impact of possible attacks.