EU Cyber Information Sharing Initiative
Co-operation between regulators on minimising cyber risk has ramped up recently as the EU’s Cyber Resilience Board has launched a pan-European initiative to share cyber information.
Last week, at their fourth meeting, the Board launched the Cyber Information and Intelligence Sharing Initiative (CIISI-EU). This is the first time pan-European agencies have come together to co-operate and share information on this issue, indicating an enhanced effort to tackle cyber-security.
This latest development follows significant European progress in this area from publishing the cyber-reliance oversight expectations (CROE) to the European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), introduced in 2018 to help entities test and improve their resilience against sophisticated cyberattacks.
Joint initiatives such as CIISI, however, represent a significant step forward in this area. Sharing information on this scale is crucial to building reliance and supporting the safe operating of the financial system as a whole.
There is a significant focus internationally on the importance of information sharing and streamlining of regulation in this field (for example, see the FSB’s 2017 stocktake and the World Bank’s stocktake here). Information sharing about cyber risks across national boundaries can be difficult for a variety of legal reasons. Cybercriminals, of course, don’t respect those boundaries, just one of the reasons that cybersecurity for regulators is a complex field.
Read more here.