Investor Presentaiton slide image

Investor Presentaiton

Annual Report AR 2022 SUMMARY WHO WE ARE OUR STRENGTH AND OUR RESOURCES OUR RESULTS People and know-how With the greater digitalization of the financial system, the risk of cyber incidents with the potential to affect the provision of services by financial institutions to their customers is increasing. The deeper interconnection among SFN and Brazilian Payment System (SPB) participants must be followed by actions that prevent incidents that could threaten financial stability. It is essential that institutions can properly manage cyber incidents, mitigating their effects and enabling the services affected to quickly recover, in order to ensure the efficiency and security of the SFN and SPB. One of the work fronts of the SFN and SPB Cyber Resilience Enhancement Program consisted of coordination among the main representative associations of the financial sector to organize simulation exercises of cyber incidents aimed at financial institutions, payment institutions and financial market infrastructures. As part of the program, the first cyber exercise carried out specifically for the financial sector took place in mid-2022 at the Cybernetic Security Laboratory of the Brazilian Federation of Banks (Febraban), which involved representatives of financial market infrastructures and seven associations. The exercise was essential to train cyber incident response and recovery procedures. The initiative aimed to assess the effectiveness of responses of technical, tactical and strategic teams to simulated crisis situations caused by cybercriminal attacks on the SFN. Several scenarios of cyberattacks were addressed, in an isolated, controlled, and protected environment, seeking to simulate current threats and large-scale impacts on financial institutions during the exercises. The periodic execution of cybernetic exercises enables exchange of knowledge among participants and training for response and recovery teams, which will certainly contribute to the cyber resilience of the financial sector as a whole. Handling classified information In September 2022, the BCB qualified as a Level 1 Registration Body for classified information treatment. This qualification is relevant, since it consolidates the BCB's role as an autonomous institution to supervise compliance with the rules and procedures for security and treatment of classified information, among others procedures. 45
View entire presentation