FSI paper details ‘red team testing’
Paper sets out how the cyber-security tests are used in different jurisdictions
A new paper by the Financial Stability Institute details how “red team testing” is used in different jurisdictions to assess the cyber defences of financial institutions.
In the latest in a series of FSI Insights papers, Jermy Prenio, Jeffery Yong and Raymond Kleijmeer present the results of a study based on eight different financial authorities.
A red team test involves a group of hackers trying to break into a firm’s systems and make off with “flags” or key pieces of data, as a simulation of a real cyber attack. The scenarios are conducted without the bank’s cyber teams knowing they are happening.
“An effective red team test is characterised by both firms and authorities being open about the results, learning from the weaknesses exposed and taking appropriate remedial actions,” the FSI authors say.
Various authorities are involved to different degrees. Some play a close role in managing the testing process, while others play a more limited part in ensuring post-test recommendations are implemented.
The FSI team says there could be scope for red team testing to be conducted across borders, and it might be possible for one jurisdiction to approve a firm tested in another “if certain conditions are met”.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@centralbanking.com or view our subscription options here: http://subscriptions.centralbanking.com/subscribe
You are currently unable to print this content. Please contact info@centralbanking.com to find out more.
You are currently unable to copy this content. Please contact info@centralbanking.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@centralbanking.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@centralbanking.com
Most read
- ECB staff speak out against changes to internal survey
- Central bank of the year: Central Bank of Brazil
- French president calls for expanded ECB mandate