Proposal for a Common Categorisation of IT Incidents

34 Pages Posted: 27 May 2021

Date Written: May 14, 2021

Abstract

This paper presents the proposal for a common categorisation of malicious cyber incidents (cyber‑attacks) and other information technology (IT) incidents formulated by ten financial authorities that are members of the G‑7 Cyber Expert Group (CEG) and that represent six of the G‑7 jurisdictions. The aim of the proposal is to promote the harmonisation of the various incident reports that authorities require from financial institutions by defining common principles and developing a common taxonomy for incident reporting. The adoption of these common principles and taxonomy should make incident reporting more robust and effective by facilitating a common understanding of incidents, the sharing of information, and the joint management of IT cross‑border crises.

Keywords: IT incidents, cyber incidents, operational incidents, taxonomy

JEL Classification: F50, G20, K24, L50

Suggested Citation

Financial Authorities members of the G-7 Cyber Expert Group (CEG), Financial Authorities members of the G-7 Cyber Expert Group (CEG), Proposal for a Common Categorisation of IT Incidents (May 14, 2021). Bank of Italy Markets, Infrastructures, Payment Systems Working Paper No. 6, Available at SSRN: https://ssrn.com/abstract=3854999

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
42
Abstract Views
199
PlumX Metrics