Featured Product

    CBK Publishes Cybersecurity Framework for Banking Sector in Kuwait

    February 18, 2020

    CBK published the cybersecurity framework for banking sector in Kuwait. The framework defines three core principles that enhance the cybersecurity and resilience capabilities of banking sector: governance, risk management, and compliance; collaboration, and continual improvement. The framework is applicable to all regulated entities supervised by CBK. The framework is issued for the board of directors, senior management, information security professionals, information technology professionals, and others who are responsible for establishing, implementing, and ensuring the compliance of their entity with the framework.

    The strategic framework consists of the following integrated initiatives for banking sector in Kuwait:

    • The first initiative establishes a mechanism for the Information Security Working Group of the banking sector by defining the methodology, scope, and responsibilities of team members. An emphasis is placed on confidentiality, information and data privacy, and absence of conflicts of interest.
    • The second initiative lays down principles for dealing with cyber risks, which include defining governance requirements, risk management, compliance, crisis management, response and recovery, and collaboration and information-sharing. Additionally, it includes continuous improvements and developments in the field of cybersecurity.
    • The third initiative sets the baseline requirements of information security controls. This initiative is among the most important stages of the project, as it provides detailed security controls that all regulated entities must comply to. It covers governance, risk management, compliance, securing of infrastructure and operations, and dealing with third-party risks and protecting electronic payment systems. All banks must comply with all baseline control requirements set forth in the initiative, through the completion of inherit risk and cyber risk self-assessment, to prove their readiness to address cybersecurity risks
    • The strategic framework also develops a Cyber Crisis Management Strategy and Plan. It introduces a complete framework for managing cyber crisis. Moreover, the Strategy and Plan provides a holistic view of crisis management, including reports, as well as the prescribed response measures. Furthermore, this plan provides a matrix to measure the impact of potential risks.
    • Among the initiatives included in the framework is also the development of a mechanism for dealing with, reporting, and sharing of information between banks, in accordance with the highest international standards. 
    • The framework also introduces the development of a platform for cyber threat intelligence sharing.

     

    Related Links

    Keywords: Middle East and Africa, Kuwait, Banking, Cyber Risk, Governance, ESG, Cybersecurity Framework, Operational Risk, Third-party Arrangement, Cloud Computing, CBK

    Related Articles
    News

    BCBS Amends Guidelines on Sound Management of AML/CFT Risks

    BCBS amended the guidelines on sound management of risks related to money laundering and financing of terrorism (ML/FT).

    July 02, 2020 WebPage Regulatory News
    News

    US Agencies Finalize Amendments to Swap Margin Rule

    US Agencies (Farm Credit Administration, FDIC, FED, FHFA, and OCC) finalized changes to the swap margin rule to facilitate implementation of prudent risk management strategies at banks and other entities with significant swap activities.

    July 01, 2020 WebPage Regulatory News
    News

    PRA Letter Sets Expectations on Approach to Managing Climate Risks

    PRA published a letter that builds on the expectations set out in the supervisory statement (SS3/19) on enhancing banks' and insurers' approaches to managing the financial risks from climate change.

    July 01, 2020 WebPage Regulatory News
    News

    EBA Guidelines on Treatment of Structural Foreign Exchange Under CRR

    EBA finalized the guidelines on treatment of structural foreign-exchange (FX) positions under Article 352(2) of the Capital Requirements Regulation (CRR).

    July 01, 2020 WebPage Regulatory News
    News

    FSB Issues Statement on Impact of COVID-19 Crisis on Benchmark Reform

    FSB published a statement on the impact of COVID-19 pandemic on global benchmark transition.

    July 01, 2020 WebPage Regulatory News
    News

    IAIS Publishes List of Internationally Active Insurance Groups

    IAIS published the list of Internationally Active Insurance Groups (IAIGs) publicly disclosed by group-wide supervisors.

    July 01, 2020 WebPage Regulatory News
    News

    FED Temporarily Revises FR Y-9C With Respect to PPPLF and CARES Act

    FED has temporarily revised the reporting form on consolidated financial statements for holding companies (FR Y-9C; OMB No. 7100-0128).

    July 01, 2020 WebPage Regulatory News
    News

    EC Launches Consultation on Review of Solvency II Directive

    EC launched a consultation on the review of the key elements of Solvency II Directive, with the comment period ending on October 21, 2020.

    July 01, 2020 WebPage Regulatory News
    News

    ECB Consults on Supervisory Approach to Consolidation in Banking

    ECB launched a consultation on the guide that sets out supervisory approach to consolidation projects in the banking sector.

    July 01, 2020 WebPage Regulatory News
    News

    IAIS on Package for 2020 Data Collection on ICS and Aggregation Method

    IAIS published technical specifications, questionnaires, and templates for 2020 Insurance Capital Standard (ICS) and Aggregation Method data collections.

    June 30, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5425