HM Treasury has published a fourth guidance document drafted by the G7 Cyber Expert Group, entitled G7 Fundamental Elements of ransomware resilience for the financial sector. The guidance is part of a collection of documents, the so-called "G7 Fundamental Elements series", provided by the Group to assist firms, supervisory authorities, and third parties alike in their handling and monitoring of cyber security risks.
This particular guidance was evidently developed in October 2022, although it has not been published in the UK until now. It is intended to assist financial market participants in taking adequate measures to protect themselves against ransomware risks and incidents. The document provides guidance on the following key issues:
(1) the integration of ransomware risks and risk strategies in the overall cyber security framework of a firm;
(2) the implementation of effective governance structures to address and deal with this issue;
(3) the implementation of adequate control measures to prevent ransomware incidents or mitigate the negative impacts of any ransomware attacks;
(4) the monitoring of systems to identify any ransomware-related activities;
(5) the drafting and implementation of adequate incident response plans; and
(6) the steps involved and issues to be considered in recovering any "lost data" or regaining access to locked-out systems.
The guidance also contains two dedicated sections dealing with
(a) information sharing within a company and with company partners or other relevant stakeholders about ransomware incidents and
(b) the drawing of conclusions from any ransomware incidents, that is, the implementation of additional security measures or controls based upon the lessons learned from previous ransomware incidents.
