Carnegie Endowment, CRI, IMF, and Partners Launch Cybersecurity Toolbox for Financial Institutions

Washington, D.C.—The Carnegie Endowment for International Peace today released “Cyber Resilience and Financial Organizations: A Capacity-building Tool Box” in partnership with the SWIFT Institute, the original sponsor, the IMF, the Financial Services Information Sharing and Analysis Center (FS-ISAC), Standard Chartered, the Cyber Readiness Institute, and the Global Cyber Alliance. Consisting of six easy-to-use one-page guides and checklists that provide senior management with actionable measures to improve their organization’s cyber security, the tool box exists in seven languages and is based on existing frameworks, policies, and standards from around the globe.

“The guides are designed to be practical, actionable, and easy-to-use to maximize their benefit and impact on financial institutions’ cyber resilience”, according to Tim Maurer, Co-director of Carnegie’s Cyber Policy Initiative. “When used properly, these tools will prevent dangerous hacks to financial systems across the world.”

Karel De Kneef, Chief Security Officer, SWIFT said: “A global and collaborative approach to the cyber threat is absolutely key, which is why the development of this tool box marks a major step forward. Cyber security is the number one priority for SWIFT and its community of over 11,000 customers, and we aim to remain at the forefront of threat intelligence sharing and best practice initiatives such as these.”

“The concise cybersecurity toolkit of Carnegie is an efficient and effective way of checking a firm’s compliance with prevalent good practice and internationally accepted information security standards,” according to Frank Adelman, cyber risk expert at the International Monetary Fund.

Cheri McGuire, Chief Information Security Officer, Standard Chartered highlights, “Created using the collective experiences from leading cyber security practitioners, these guides are practical tools for senior executives managing cyber security risk and will help improve the cyber resilience of firms of all sizes across the global financial sector.”

“To effectively manage today’s evolving threat landscape, organizations must be agile and constantly adapt their cybersecurity program. This tool box will support these efforts in protecting the financial sector by sharing best practices in three critical areas: intelligence, resiliency and prevention. The guides are particularly beneficial for institutions that are actively building out their cybersecurity governance and operational programs,” noted Steven Silberstein, CEO of FS-ISAC.

“The work done by CEIP to help financial institutions better address cybersecurity is spot-on. Its multi-pronged approach to help banks and others implement industry best practices is easy to understand and will be of great value to thousands of small institutions. GCA congratulates CEIP on this initiative,” said Philip Reitinger, Global Cyber Alliance President & CEO.

“The Toolkit is an accessible way for financial institutions to improve their resiliency and be more agile in the face of growing cyber threats around the globe. The Cyber Readiness Institute is pleased to partner with Carnegie on this important effort and looks forward to continued collaboration as our organizations work together to help companies of all sizes become more cyber ready,” added Kiersten Todt, Managing Director of the Cyber Readiness Institute.

The toolkit is the result of a year of work and engagement with experts in government and industry ranging from central banks to cybersecurity agencies and international bodies including the International Monetary Fund, FS-ISAC, and SWIFT.

The Tool Box contains:(1) Board-Level Guide: Cybersecurity Leadership; (2) CEO-Level Guide: Cybersecurity Leadership; (3) CISO-Level Guide: Protecting Your Organization; (4) CISO-Level Guide: Protecting Your Customers; (5) CISO-Level Guide: Protecting Connections to Third Parties; and (6) Incident Response Guide – each accompanied by a checklist and a supplementary report detailing the various standards and policies that informed the development of the tool box.

The Tool Box is freely available on the Carnegie Endowment website. In addition to English, the guides and checklists are available in Arabic, Dutch, Spanish, French, Portuguese and Russian.

To help disseminate the tool box, the Carnegie Endowment is partnering with several leading institutions in the field. Working with their clients and members around the world, the multilingual took box is designed to help improve the cyber resilience of the global financial system and the cyber hygiene of financial institutions and their customers alike.

The Tool Box and more information are available at: https://carnegieendowment.org/FinCyberToolbox

About the Carnegie Endowment for International Peace

The Carnegie Endowment for International Peace is a unique global network of policy research centers in Russia, China, Europe, the Middle East, India, and the United States. Our mission, dating back more than a century, is to advance peace through analysis and development of fresh policy ideas and direct engagement and collaboration with decision makers in government, business, and civil society. Working together, our centers bring the inestimable benefit of multiple national viewpoints to bilateral, regional, and global issues.

About the International Monetary Fund

The International Monetary Fund (IMF) is an organization of 189 countries, working to foster global monetary cooperation, secure financial stability, facilitate international trade, promote high employment and sustainable economic growth, and reduce poverty around the world. Created in 1945, the IMF is governed by and accountable to the 189 countries that make up its near-global membership. The IMF’s primary purposeis to ensure the stability of the international monetary system—the system of exchange rates and international payments that enables countries (and their citizens) to transact with each other. The Fund’s mandate was updated in 2012 to include all macroeconomic and financial sector issues that bear on global stability.

About the SWIFT Institute

The SWIFT Institute, set up by SWIFT, funds independent research, supports knowledge-led debate and provides a forum where academics and financial practitioners can learn from each other. The primaryfocus of the SWIFT Institute’s work is transaction banking, covering the areas of payments & banking, securities, cyber security, technology & innovation, regulation & compliance and leadership. To date more than 40 research grants have been issued and ten conferences held. All of the Institute’s research is freely available to download and share at www.swiftinstitute.org.

About FS-ISAC

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is an industry consortium dedicated to reducing cyber-risk in the global financial system. Serving financial institutions and in turn their customers, the organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyberthreats. FS-ISAC has nearly 7,000-member firms with users in more than 70 countries. Headquartered in the US, the organization has offices in the UK and Singapore. To learn more, visit fsisac.com.

About Standard Chartered

Standard Chartered is a leading international bank, working across some of the world’s most dynamic markets including Asia, Africa and the Middle East, driving commerce and prosperity through its unique diversity. With more than 86,000 employees and a presence in 60 markets, Standard Chartered’s network serves customers in close to 150 markets worldwide. The Bank offers services that help people and companies to succeed, creating wealth and growth across its footprint.

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

About the Cyber Readiness Institute

The Cyber Readiness Institute is an initiative that convenes senior business leaders from across sectors and geographic regions to share resources and knowledge that inform the development of free cybersecurity tools for small and medium-sized businesses. The Institute seeks to advance the cyber readiness of small and medium-sized businesses to improve the security of global value chains. The free, self-guided Cyber Readiness Program for small and medium-sized businesses was launched in December 2018.