1、 Financial Stability Institute FSI Insights on policy implementation No 50 Banks cyber security a second generation of regulatory approaches By Juan Carlos Crisanto,Jefferson Umebara Pelegrini and Jermy Prenio June 2023 JEL classification:G21,G28,O33 Keywords:cyber risk,cyber security,cyber resilien

2、ce,operational resilience FSI Insights are written by members of the Financial Stability Institute(FSI)of the Bank for International Settlements(BIS),often in collaboration with staff from supervisory agencies and central banks.The papers aim to contribute to international discussions on a range of

3、contemporary regulatory and supervisory policy issues and implementation challenges faced by financial sector authorities.The views expressed in them are solely those of the authors and do not necessarily reflect those of the BIS or the Basel-based committees.Authorised by the Chair of the FSI,Ferna

4、ndo Restoy.This publication is available on the BIS website(www.bis.org).To contact the BIS Media and Public Relations team,please email pressbis.org.You can sign up for email alerts at www.bis.org/emailalerts.htm.Bank for International Settlements 2023.All rights reserved.Brief excerpts may be repr

5、oduced or translated provided the source is stated.ISSN 2522-249X(online)ISBN 978-92-9259-663-7(online)Banks cyber security a second generation of regulatory approaches iii Contents Executive summary.4 Section 1 Introduction.6 Section 2 International regulatory initiatives.8 Section 3 Design of cybe

6、r resilience regulations.11 Section 4 Key regulatory requirements for cyber resilience.14 Cyber security strategy and governance.14 Cyber incident response and recovery.16 Cyber incident reporting and threat intelligence-sharing.17 Cyber resilience testing.18 Cyber hygiene.20 Third-party dependencie