IDEAS home Printed from https://ideas.repec.org/p/bdi/wpmisp/mip_006_21.html
   My bibliography  Save this paper

Proposal for a common categorisation of IT incidents

Author

Listed:
  • Autorite de Controle Prudentiel et de Resolution
  • Banca d'Italia
  • Commissione Nazionale per le Società e la Borsa
  • Deutsche Bundesbank
  • European Central Bank
  • Federal Reserve Board
  • Financial Conduct Authority
  • Ministero dell'Economia e delle Finanze
  • Prudential Regulation Authority
  • U.S. Treasury

Abstract

This paper presents the proposal for a common categorisation of malicious cyber incidents (cyber‑attacks) and other information technology (IT) incidents formulated by ten financial authorities that are members of the G-7 Cyber Expert Group (CEG) and that represent six of the G-7 jurisdictions. The aim of the proposal is to promote the harmonisation of the various incident reports that authorities require from financial institutions by defining common principles and developing a common taxonomy for incident reporting. The adoption of these common principles and taxonomy should make incident reporting more robust and effective by facilitating a common understanding of incidents, the sharing of information, and the joint management of IT cross-border crises.

Suggested Citation

  • Autorite de Controle Prudentiel et de Resolution & Banca d'Italia & Commissione Nazionale per le Società e la Borsa & Deutsche Bundesbank & European Central Bank & Federal Reserve Board & Financial Co, 2021. "Proposal for a common categorisation of IT incidents," Mercati, infrastrutture, sistemi di pagamento (Markets, Infrastructures, Payment Systems) 6, Bank of Italy, Directorate General for Markets and Payment System.
  • Handle: RePEc:bdi:wpmisp:mip_006_21
    as

    Download full text from publisher

    File URL: https://www.bancaditalia.it/pubblicazioni/mercati-infrastrutture-e-sistemi-di-pagamento/approfondimenti/2021-006/N.6-MISP.pdf
    Download Restriction: no
    ---><---

    More about this item

    Keywords

    it incidents; cyber incidents; operational incidents; taxonomy;
    All these keywords.

    JEL classification:

    • F50 - International Economics - - International Relations, National Security, and International Political Economy - - - General
    • G20 - Financial Economics - - Financial Institutions and Services - - - General
    • K24 - Law and Economics - - Regulation and Business Law - - - Cyber Law
    • L50 - Industrial Organization - - Regulation and Industrial Policy - - - General

    NEP fields

    This paper has been announced in the following NEP Reports:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bdi:wpmisp:mip_006_21. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: the person in charge (email available below). General contact details of provider: https://edirc.repec.org/data/bdigvit.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.