Cyber security

Information technology (IT) has become indispensable, underpinning economic growth in recent decades. As organisations of all sizes in both the public and private sector become ever more interconnected and reliant on IT products and services such as cloud-based systems and artificial intelligence, they are increasingly exposed to cyber risks - the risk of financial loss, disruption or reputational damage to an organisation resulting from the failure of its IT systems. These episodes include malicious cyber incidents (cyber attacks) where the threat actor intends to do harm (eg ransomware attacks, hacking incidents or data theft by employees).

Cyber incidents are becoming more sophisticated and their costs difficult to quantify. BIS research has found that cyber costs are higher for larger firms and for incidents that affect several organisations at once. The financial sector incurs a larger number of cyber attacks but suffers lower costs, on average, because of its greater investment in IT security. The use of cloud services is associated with lower costs, especially when cyber incidents are relatively small. By contrast, as cloud providers become systemically important, cloud dependence is likely to increase tail risks.

Together with the member central banks the BISIH intends to work on cyber security approaches and applications targeted at maintaining a robust and secure environment for central banks. The BISIH also considers cyber security as central to any of its proofs of concept.

Related projects