On 13 January 2016, a group of ECSDA representatives took part in a meeting organised by the CPMI and IOSCO at the European Central Bank in Frankfurt to discuss new international guidance on the cyber resilience of financial market infrastructures.
Several issues where discussed including:
- the fact that smaller infrastructures with a low risk profile cannot be expected to have the same level of detail and sophistication in their cyber resilience framework as large, cross-border infrastructures;
- the sometimes excessive emphasis put on the formalisation and documentation of cyber security plans, policies and procedures;
- the notion of “critical” service providers;
- the need to avoid the temptation to translate best practice standards on cyber security into binding legislation at local level.