Cyber Working Group

Purpose

The purpose of the Cyber Working Group (WG) is to educate the industry on the cyber-attack threats facing firms active in securities servicing, on the risk mitigation techniques those firms should use to manage threats that may have a material impact on the securities servicer firm or on the financial markets, and on the best practices to follow when one of their counterparties experiences a successful cyber-attack.

Scope

In scope topics for 2026 include:

  • Updating the 2018 ISSA White Paper entitled: “ISSA Cyber Security Risk Management in Securities Services”
  • Potentially updating the 2020 ISSA White Paper entitled: “Cyber Security Guidance Paper – Responding to an Attack”
  • Looking to the future of the business and technologies that will be employed, especially around AI and Quantum Computing, and forecasting how that may alter the Cyber Risk space. This thinking may be incorporated into an update of the first paper or may be explored as a separate piece of work

The WG will initially look to update the first paper. Upon completing that work, they will then decide if there is value in updating the second paper or embarking on a different path with more value to the industry.

Key First Deliverables

  • Updated: “ISSA Cyber Security Risk Management in Securities Services” focused on:
    • An overview of the Threat Landscape, including attack types, phases of attacks, and the evolution of attacks.
    • A Comparative Risk Assessment for the industry: Disruption/Ransom Attack; Asset Theft; Information Theft; Market Manipulation
    • The Susceptibility of Industry Participants
    • Existing Regulations 
    • Recommended Risk Mitigation Practices
    • External Risk Frameworks
  • Potentially adding:
    • The opportunities and risks posed by future industry adoption of new technologies, especially AI and Quantum Computing: how these can be used to improve cyber defenses, how they could be used by bad actors, and how the industry can defend against that
    • Recommended Reconnection Protocols for coming back online after a successful attack and demonstrating to counterparties that the firm is ready to safely do business (could be added to this paper or a revision of the paper discussed below)
    • A deeper focus on FMUs as critical core service providers to the entire Securities Services industry.

Potential Future Deliverable

  • Updated “Cyber Security Guidance Paper – Responding to an Attack” focused on:
    • An updated view of the Cyber Landscape and the threat pertaining to the Securities Services Industry
    • Expected Minimum Standards for industry participants
    • Incident Management Considerations for a Compromised Participant: Incident Day; Incident Period; Resumption Day; Post-Mortem
    • Incident Management Considerations for a Non-Compromised Participant: Incident Day; Incident Period; Resumption Day; Post-Mortem

Key Outcomes

  • Increased awareness of all ISSA members of the current and evolving Cyber Threat Landscape and risk mitigation best practices

Publications

  • 2018 ISSA White Paper: ISSA Cyber Security Risk Management in Securities Services -> pdf
  • 2020 ISSA White Paper: Cyber Security Guidance Paper – Responding to an Attack -> pdf

Working Group Co-Chairs

  • Muhammad Khan, BNY
  • Edward Starkie, Thomas Murray

Executive Sponsor

  • Juliette Kennel, SWIFT

Institutions represented by Experts in the Working Group

  • HSBC Holdings Plc
  • The Value Exchange
  • x-markets GmbH & Co. KG