Finance ministers and central bank governors for the G-7 countries (Canada, France, Germany, Italy, Japan, the United Kingdom and the United States) published a report, titled G-7 Fundamental Elements for Effective Assessment of Cybersecurity in the Financial Sector (the "Report"). The Report is a follow-up on a publication titled G-7 Fundamental Elements of Cybersecurity for the Financial Sector (the "2016 Report"), published in October 2016. While recommendations in the Report are not binding regulatory requirements, the Report does provide a clear view of G-7 expectations for effective cybersecurity assessments.
The G-7 members outlined the following criteria for entities to consider when conducting cybersecurity assessments:
- establish clear assessment objectives to provide clarity and facilitate accountability;
- communicate methodology and expectations;
- maintain a diverse portfolio of tools and techniques for cybersecurity evaluations to avoid over-reliance on a single assessment measure;
- report findings in a clear manner and identify concrete remedial measures to be implemented in response; and
- ensure the reliability and fairness of assessments.
Treasury Secretary Steven T. Mnuchin stated that the cooperative effort will contribute to global cybersecurity resiliency:
"A secure, safe, and strong financial sector is essential to promote real growth within the U.S. economy and across the world. Cybersecurity, particularly in the financial sector, is a top priority for the United States, and we are pleased to work with the members of the G-7 to advance a common approach that enhances resiliency."
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
