OTTAWA, Nov 12 (Reuters) - Canada should consider strengthening regulations to safeguard the country’s financial system against potential cyber attacks, a top Bank of Canada official said on Tuesday.
The comments come ahead of the release next week of the central bank’s biannual survey of financial sector risk management experts which is expected to cite cyber security as a concern. Last spring’s survey identified cyber security incidents as the greatest risk to the Canadian financial system.
“We need to increase our focus on the resilience of the financial sector,” Filipe Dinis, the Bank of Canada’s chief operating officer, told a Toronto business audience in a speech.
“That means we should consider updating the balance of the current regulations and think about the necessary trade-offs to do so,” he said.
Cyber security has long been a pre-occupation for Canada’s central bank. In a 2017 interview with the Canadian Press, Bank of Canada Governor Stephen Poloz said the threat of a cyber attack was, in many ways, “more worrisome than anything else.”
Canada’s regulatory framework, Dinis said on Tuesday, should encourage collaboration and information sharing to reduce the risk of a cyber attack, which he said has been amplified by society’s increased interconnectedness.
Regulators could consider putting in place “trusted and secure” channels to transmit sensitive information while ensuring institutions are protected, he suggested. Governments could also look at mandating industry-wide preventative testing, developed in conjunction with regulators and intelligence agencies.
Those tests should also include input and participation from major players outside of the financial sector, including telecommunications, energy and transportation.
Financial penalties could also be enhanced. “If company management is unable to accurately gauge the risk of a systemic cyber event, it may well decide the fine for non-compliance is a cost that is worth paying,” Dinis said. (Reporting by Kelsey Johnson, additional reporting by Fergal Smith in Toronto; Editing by Lisa Shumaker)
Our Standards: The Thomson Reuters Trust Principles.