Categories: U.S. Treasury

G7 Cyber Expert Group Releases New Reports on Ransomware and Third-Party Risk

WASHINGTON—The G7 Cyber Expert Group (CEG) – which U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure (OCCIP) co-chairs alongside the Bank of England – recently released two reports addressing ransomware and third-party risk within the financial sector. These free and publicly available resources are intended to help financial sector entities better understand cybersecurity topics as agreed upon by a multilateral consensus.  

The Fundamental Elements of Ransomware Resilience for the Financial Sector provides financial entities with high-level building blocks for addressing the ransomware threat. The document is part of a series of Fundamental Elements produced by the CEG, all of which are non-prescriptive and non-binding, and provide an overview of the current policy approaches, industry guidance, and best practices in place throughout the G7. The aim of this document is for financial institutions – both public and private – to use its guidance for their own internal ransomware mitigation activities. Additionally, the collaboration between the G7 jurisdictions on producing this report highlights global efforts to promote the resilience of the financial sector. 

The CEG’s other product for 2022, The Fundamental Elements of Third-Party Risk Management for the Financial Sector, updates a previous version published in 2018. Due to the increasing use of service providers by financial institutions in central operational functions and the subsequent vulnerabilities created by this reliance, the G7 CEG deemed this update necessary to keep pace with the ever-changing cyber threat landscape. The update includes explicit recommendations for monitoring risks along the supply chain, identifying systemically important third-party providers, and concentration risks.

These reports were announced in October 2022 by Bundesbank, as part of Germany’s presidency of G7, after they were adopted by the G7 Finance Ministers and Central Bank Governors. They were published on Bundesbank’s website alongside previous Fundamental Elements on such topics as cybersecurity in the financial sector, penetration testing, and cyber exercises. 

The G7 CEG was founded in 2015 to serve as a multi-year working group that coordinates cybersecurity policy and strategy across the eight G7 jurisdictions. In addition to policy coordination, the G7 CEG also acts as a vehicle for information sharing, cooperation, and incident response.

IR Press

Share
Published by
IR Press

Recent Posts

Treasury Issues Final Rule Expanding CFIUS Coverage of Real Estate Transactions Around More Than 60 Military Installations

WASHINGTON – Today, the U.S. Department of the Treasury (Treasury), as Chair of the Committee…

2 days ago

U.S. Department of the Treasury’s CDFI Fund and Federal Housing Finance Agency Collaborate to Bolster CDFI Access to Capital

WASHINGTON—Today, the U.S. Department of the Treasury’s Community Development Financial Institutions Fund (CDFI Fund) and…

2 days ago

Report on U.S. Portfolio Holdings of Foreign Securities at Year-End 2023

Washington – The findings from the annual survey of U.S. portfolio holdings of foreign securities…

3 days ago

READOUT: U.S. Department of the Treasury Hosts Roundtable Discussion on the Financial Sector’s Response to Recent Hurricanes

WASHINGTON – The U.S. Department of the Treasury hosted a roundtable on October 30 with…

3 days ago

READOUT: Sixth Meeting of the Financial Working Group Between the United States and the People’s Republic of China

WASHINGTON – The United States and the People’s Republic of China held the sixth meeting…

3 days ago

Treasury Sanctions Key Members of La Linea, a Group Involved in Trafficking Fentanyl into the United States

WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned…

3 days ago