ESAs Establish Framework to Strengthen Coordination in Case of Systemic Cyber Incidents
The three European Supervisory Authorities (EBA, EIOPA, and ESMA) have announced the establishment of the EU Systemic Cyber Incident Coordination Framework (EU-SCICF). This initiative, rooted in the Digital Operational Resilience Act (DORA), aims to bolster the financial sector’s response to cyber incidents that threaten financial stability by enhancing coordination among financial authorities and other relevant entities within the European Union, as well as with key international actors.

On 2 December 2021, the General Board of the European Systemic Risk Board (ESRB) adopted Recommendation ESRB/2021/17 and approved the report “Mitigating systemic cyber risk.” This recommendation highlighted gaps in the existing crisis management frameworks that could hinder financial sector coordination during significant cross-border information and communication technologies (ICT) incidents with systemic implications.

In response, the ESRB recommended that the ESAs leverage their roles under DORA to gradually develop a pan-European systemic cyber incident coordination framework (EU-SCICF).

In July 2023, as a preliminary step toward implementing the ESRB Recommendation, the ESAs, the European Central Bank (ECB), and the relevant national authorities of the Member States designated main points of contact for the EU-SCICF. These contacts will facilitate the development of the framework and will play a crucial role in the crisis coordination process of the EU-SCICF.

The EU Systemic Cyber Incident Coordination Framework (EU-SCICF) is designed to facilitate communication and coordination among EU authorities and to liaise with other key stakeholders at the international level in the event of cyber incidents that pose a risk to financial stability. The EU-SCICF addresses major cross-border ICT-related incidents or cyber threats that could have a systemic impact on the Union’s financial sector. These incidents can include large-scale cyberattacks, significant data breaches, and other ICT disruptions that threaten financial stability.

Key components of the EU-SCICF include:

1. EU-SCICF Secretariat: The Secretariat will be established to support the functioning of the framework, ensuring smooth operations and effective communication among stakeholders.

2. EU-SCICF Forum: This forum will focus on testing and maturing the framework’s operations, ensuring it is robust and ready for deployment in the event of a cyber incident.

3. EU-SCICF Crisis Coordination: During a crisis, this component will facilitate the coordination of actions by participating authorities, ensuring a swift and unified response to mitigate the impact of the cyber incident.

Over the coming months, the ESAs will begin the implementation process of the EU-SCICF by setting up these critical components. They will also identify any legal and operational challenges encountered during the initial setup phase and report these to the European Commission. The continued development of the framework will depend on the availability of resources and additional measures taken by the European Commission.

Framework Composition and Operation

Non-Crisis Mode:

  • Awareness and Development: Regular activities to increase awareness and develop the framework.
  • Testing and Maintenance: Ongoing testing to ensure the framework remains effective and up-to-date.

Crisis Mode:

  • EU-SCICF Secretariat: Provides support and ensures smooth operations during a crisis.
  • Supportive Tools: Utilizes various tools to manage and mitigate the crisis.
  • Governance and Arrangements: Maintains governance structures and operational arrangements.
  • Information Sharing: Facilitates timely and accurate information sharing among stakeholders.
  • Impact Discussion and Response Coordination: Discusses the impact of the incident and coordinates response actions.
  • Identifying Areas of Alignment: Ensures alignment among participating authorities.

The EU-SCICF will include national macroprudential authorities, supervisory and resolution authorities, and other relevant European bodies. During a crisis, these members will share information on potential systemic cyber incidents or threats. The framework will serve as a forum for relevant authorities to communicate and coordinate necessary actions and utilize tools to counter the crisis from a macroprudential perspective.

By establishing the EU-SCICF, the ESAs aim to create a robust mechanism for addressing systemic cyber risks in the financial sector. The framework will enhance the resilience of the EU’s financial system, improve coordination and communication among authorities, and ensure a rapid and effective response to cyber incidents. This initiative represents a significant step forward in safeguarding financial stability against the growing threat of cyber incidents.

As the EU-SCICF develops, it will play a crucial role in mitigating the impact of cyber threats and ensuring the continued resilience of the financial sector across the European Union.