Released on October 17, this FSB’s Report sets out its recommendations to “address impediments to achieving greater convergence” in cyber incident reporting (CIR).
The FSB is proposing that regulators takes the following actions :
Clearly defined objectives to address incident reporting, and periodically assess and demonstrate how these objectives can be achieved.
Ensure greater convergence of CIR frameworks (i.e. align their CIR regimes with other relevant authorities…)
Adopt of common reporting formats
Implement phased and incremental reporting requirements
Select incident reporting triggers
Calibrate initial reporting windows
Minimize interpretation risk
Extend materiality-based triggers to include likely breaches
Review the effectiveness of CIR processes
Conduct ad-hoc data collection and industry engagement
Address impediments to cross-border information sharing
Foster mutual understanding of benefits of reporting
Provide guidance on effective CIR communication
Maintain response capabilities which support CIR
Pool knowledge to identify related cyber events and cyber incidents
Protect sensitive information
Responses should be sent to email@example.com by 31 December 2022.