G20 develops cyber lexicon to help beat cyber risks
The Financial Stability Board (FSB) has drawn up a draft cyber lexicon as one tool in its arsenal to tackle threats to cyber security and cyber resilience on a global scale. Now terminology such as social engineering, tactics, techniques and procedures (TTPs) and threat actor may all become part of a common core lexicon of terms.
The draft lexicon is currently published as a consultative document and is open for comment. It forms part of a drive by G20 finance ministers and central bank governors to address cyber crime, which could have disastrous effects on financial systems at both national and international level. Think of the 2017 WannaCry ransomware attack, which infected more than 250,000 computer systems in 150 countries, and the Equifax hacking incident, which affected the personal data of over 146 million people.
The FSB undertook a stocktaking initiative that reviewed current regulations and supervisory practices in G20 countries, together with existing international guidance, to identify effective practices. Since it delivered its report in October 2017, the FSB has moved forward with a request from the G20 to develop a lexicon that would support cross-border work to protect financial stability and prevent cyber crime.
Bringing deeper meaning
The objective of the cyber lexicon is to support the work of standard-setting bodies (SSBs), public authorities and private sector participants, among others. The FSB lexicon is neither meant to be comprehensive in its coverage of technical cyber security or cyber resilience terms, nor intended for legal or contractual use. However, the lexicon will facilitate:
- Cross-sector common understanding of relevant cyber security and cyber resilience terminology
- Work to assess and monitor financial stability risks of cyber risk scenarios
- Information sharing as appropriate
- Work by the FSB and/or SSBs to provide guidance related to cyber security and cyber resilience, including identifying effective practices
Some of the common definitions may seem fairly banal, but in the world of cyber security they carry deeper connotations and meanings, as the lexicon makes clear. A few highlights are:
- Alert: Notification that a specific attack or threat has been directed at an organisation’s information systems
- Campaign: A grouping of adversarial behaviours that describes a set of malicious activities that occur over a period of time against a specific set of targets
- Cyber Hygiene: A set of practices for managing the most common and pervasive cyber risks faced by organisations
- Red Team Exercise: An exercise, reflecting real world conditions, that is conducted as a simulated adversarial attempt to compromise organisational activities and/or business processes to provide an assessment of the security capability of the information system and organisation
- Social Engineering: A general term for trying to deceive people into revealing confidential information or performing certain actions