This post will continue to explore the details of the United States Federal Reserve’s Enhanced Cyber Risk Management Standards, proposed on October 19th, 2016. Drafted for the purpose of reducing Cyber Liability in the financial sector, the proposal describes an updated set of cybersecurity measures meant to improve the sector’s safety against cyber threats. The regulations apply to many types of entities, and one such type is the sector-critical system, which comes with its own specific standards.
The proposal defines a sector-critical system as a system of covered entities that is critical to the financial sector. As the financial sector is comprised of an interconnected web of markets and financial entities, a cyber liability issue in one section could impact a number of other participants across the world. Because of this, the Notice introduces a two-tiered proposal with the previously mentioned standards applying to all covered entities and an additional, stricter set of standards (“sector-critical standards”) for sector-critical systems.
Identifying Sector-Critical Systems
Earlier we provided an overarching definition of a sector-critical system, but the proposal provides a more detailed explanation about what could qualify a system for sector-critical standards. The proposal introduces the possibility of the following systems being sector-critical:
- “Systems that support the clearing or settlement of at least five percent of the value of transactions (on a consistent basis) in one or more of the markets for federal funds, foreign exchange, commercial paper, U.S. Government and agency securities, and corporate debt and equity securities”,
- “Systems that support the clearing or settlement of at least five percent of the value of transactions (on a consistent basis) in other markets, or that support the maintenance of a significant share of the total U.S. deposits or balances due from other depository institutions in the United States”,
- “Systems that provide key functionality to the financial sector for which alternatives are limited or nonexistent, or would take excessive time to implement”,
- “Systems that act as key nodes to the financial sector due to their extensive interconnectedness to other financial entities”.
Since 1983, Financial Guaranty Insurance Brokers has distinguished itself as a provider of Professional Liability, Cyber Liability, and Crime insurance products for financial entities, in addition to providing crime insurance and general business insurance products to a number of firms across the United States. To receive timely, personalized service from a knowledgeable and experienced staff, call us today at (877) 485-4413 to speak with one of our professionals.