世界经济论坛：2020年网络弹性系统：打造安全可靠的金融科技 （英文版）（37页）.pdf

1、Systems of Cyber Resilience: Secure and Trusted FinTech July 2020 Shaping the Future of Cybersecurity and Digital Trust Shaping the Future of Financial and Monetary Systems World Economic Forum 91-93 route de la Capite CH-1223 Cologny/Geneva Switzerland Tel.: +41 (0)22 869 1212 Fax: +41 (0)22 786 27

2、44 Email: contactweforum.org www.weforum.org 2020 World Economic Forum. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, including photocopying and recording, or by any information storage and retrieval system. 2Systems of Cyber Resilienc

3、e: Secure and Trusted FinTech Contents Preface 4 Introduction: World Economic Forum FinTech Cybersecurity Consortium 6 1. Executive Summary 7 2. Systems of cyber resilience: building cyber-resilient controls for the financial (eco)system 10 3. Creating a system of resilience: universal cybersecurity

4、 controls and assessment 13 4. Approach 14 5. Criteria for choosing base-level frameworks 15 6. Candidate frameworks 18 7. Center for Internet Security Top 20 Critical Security Controls 19 8. The Financial Services Cybersecurity Profile 21 9. Conclusion 25 10. Appendix 1: The CIS CSC 20 vs. base-lev

5、el controls criteria 26 11. Appendix 2: The FSC Profile vs. base-level controls criteria 30 12. Appendix 3: The role of industry and public-private initiatives 32 Contributors 33 Endnotes 34 Systems of Cyber Resilience: Secure and Trusted FinTech3 Cyber risk is pervasive, systemic and global in scop

6、e. In the financial services industry, it is increasingly difficult to mitigate this risk, since the modularization of financial services interlinks organizations whose cybersecurity maturity levels vary greatly. It is therefore difficult for any one firm to understand how an attacker might move lat