Canada: Financial Sector Assessment Program-Technical Note on Cyber Resilience of the Financial Sector

This Technical Note on Cyber Resilience of the Financial Sector discusses that cyber risk is highly relevant to the financial sector and financial stability of Canada. Canada has a mature cyber ecosystem, with a broad range of stakeholders coordinating and cooperating effectively to ensure the cybersecurity of the Canadian financial system. Notwithstanding this, there is room for further improvement, including by strengthening the overarching strategy and enhancing inter-agency coordination. As the challenges from cyber risk and technology advance in the coming years, the Canadian authorities should reflect on their strategic direction of travel and improve their overall governance arrangements and strategy to meet the challenges ahead. Federal and provincial authorities have a strong cyber regulatory framework, and guidelines, but they could better integrate them into their supervisory and oversight processes. The authorities would benefit from deepening their analysis of the operational interconnectedness of the financial system. It would also be useful to leverage existing fora to be better prepared to manage systemic cyber incidents. Federal and provincial authorities have robust incident response protocols.