SBP issues cyber security guidelines

Include regular independent testing, contingency planning


Ppi June 23, 2016
Include regular independent testing, contingency planning. PHOTO: REUTERS

KARACHI: The State Bank of Pakistan has issued guidelines on prevention against cyber-attacks. Through these guidelines, the SBP has advised banks/ MFBs/ DFIS to continuously improve their cyber security controls and procedures so as to anticipate, withstand, detect, and respond to cyber-attacks.

SBP’s cyber security instructions provide guidelines in the areas of risk ownership and management responsibility; periodic evaluation and monitoring of cyber security controls; regular independent assessment and tests, and industry collaboration and contingency planning.

The new instructions require the Board of Directors (BoD) of the institutions to regularly evaluate the adequacy of cyber security systems and action plans with regard to emerging cyber threats.

The senior management is required to ensure that an organisational plan of action for cyber security management exists in each institution and is regularly reviewed and updated for implementation.

It may be noted here that cyber threats have become a global phenomenon and are continually growing in sophistication and impact, despite advances in cyber-security technologies and practices.

While the new technologies and their application in banking system have created new opportunities for the efficient and cost-effective delivery of services, these have also posed a number of new threats and risks. The banks/ DFIs/ MFBs are required to make necessary arrangements to comply with the instructions, latest by December 31, 2016.

Published in The Express Tribune, June 24th, 2016.

Like Business on Facebook, follow @TribuneBiz on Twitter to stay informed and join in the conversation.

COMMENTS (1)

Basit | 8 years ago | Reply They should start by upgrading their computers from Windows XP!
Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ