Featured Product

    CBK Publishes Cybersecurity Framework for Banking Sector in Kuwait

    February 18, 2020

    CBK published the cybersecurity framework for banking sector in Kuwait. The framework defines three core principles that enhance the cybersecurity and resilience capabilities of banking sector: governance, risk management, and compliance; collaboration, and continual improvement. The framework is applicable to all regulated entities supervised by CBK. The framework is issued for the board of directors, senior management, information security professionals, information technology professionals, and others who are responsible for establishing, implementing, and ensuring the compliance of their entity with the framework.

    The strategic framework consists of the following integrated initiatives for banking sector in Kuwait:

    • The first initiative establishes a mechanism for the Information Security Working Group of the banking sector by defining the methodology, scope, and responsibilities of team members. An emphasis is placed on confidentiality, information and data privacy, and absence of conflicts of interest.
    • The second initiative lays down principles for dealing with cyber risks, which include defining governance requirements, risk management, compliance, crisis management, response and recovery, and collaboration and information-sharing. Additionally, it includes continuous improvements and developments in the field of cybersecurity.
    • The third initiative sets the baseline requirements of information security controls. This initiative is among the most important stages of the project, as it provides detailed security controls that all regulated entities must comply to. It covers governance, risk management, compliance, securing of infrastructure and operations, and dealing with third-party risks and protecting electronic payment systems. All banks must comply with all baseline control requirements set forth in the initiative, through the completion of inherit risk and cyber risk self-assessment, to prove their readiness to address cybersecurity risks
    • The strategic framework also develops a Cyber Crisis Management Strategy and Plan. It introduces a complete framework for managing cyber crisis. Moreover, the Strategy and Plan provides a holistic view of crisis management, including reports, as well as the prescribed response measures. Furthermore, this plan provides a matrix to measure the impact of potential risks.
    • Among the initiatives included in the framework is also the development of a mechanism for dealing with, reporting, and sharing of information between banks, in accordance with the highest international standards. 
    • The framework also introduces the development of a platform for cyber threat intelligence sharing.

     

    Related Links

    Keywords: Middle East and Africa, Kuwait, Banking, Cyber Risk, Governance, ESG, Cybersecurity Framework, Operational Risk, Third-party Arrangement, Cloud Computing, CBK

    Related Articles
    News

    BIS Innovation Hub Sets Out Work Program for 2021

    BIS Innovation Hub published the work program for 2021, with focus on suptech and regtech, next-generation financial market infrastructure, central bank digital currencies, open finance, green finance, and cyber security.

    January 22, 2021 WebPage Regulatory News
    News

    EC Plans to Consult on Crisis Management and EDIS Framework Revisions

    In an article published by SRB, Mairead McGuinness, the European Commissioner for Financial Services, Financial Stability, and Capital Markets Union, discussed the progress and next steps toward completion of the Banking Union.

    January 21, 2021 WebPage Regulatory News
    News

    EBA Finalizes Remuneration Standards for Investment Firms in EU

    EBA finalized the two sets of draft regulatory technical standards on the identification of material risk-takers and on the classes of instruments used for remuneration under the Investment Firms Directive (IFD).

    January 21, 2021 WebPage Regulatory News
    News

    ECA Recommends Actions to Enhance Resolution Planning for Banks

    EC published, in the Official Journal of the European Union, a notification that the European Court of Auditors (ECA) has published a special report on resolution planning in the Single Resolution Mechanism.

    January 20, 2021 WebPage Regulatory News
    News

    BoE Publishes Key Elements of the 2021 Stress Testing for Banks in UK

    BoE published a scenario against which it will be stress testing banks in 2021, in addition to setting out the key elements of the 2021 stress test, guidance on the 2021 stress test, and the variable paths for the 2021 stress test.

    January 20, 2021 WebPage Regulatory News
    News

    PRA Proposes Rules on Identity Verification of Depositor Protection

    PRA published a consultation paper (CP3/21) proposes rules regarding the timing of identity verification required for eligibility of depositor protection under the Financial Services Compensation Scheme (FSCS).

    January 20, 2021 WebPage Regulatory News
    News

    FSB Publishes Work Program for 2021

    FSB published the work program for 2021, which reflects a strategic shift in priorities in the COVID-19 environment.

    January 20, 2021 WebPage Regulatory News
    News

    FCA Issues Update on Move to New Data Collection Platform

    FCA announced that 50% firms have started using the new data collection platform RegData, which is slated to replace the existing platform known Gabriel.

    January 20, 2021 WebPage Regulatory News
    News

    Bundesbank Publishes Derivation Rules for Reporting by Banks

    Bundesbank published Version 5.0 of the derivation rules for completeness check at the form level, with respect to the data quality of the European harmonized reporting system.

    January 19, 2021 WebPage Regulatory News
    News

    FED Revises Capital Planning and Stress Testing Requirements for Banks

    FED finalized a rule that updates capital planning requirements to reflect the new framework from 2019 that sorts large banks into categories, with requirements that are tailored to the risks of each category.

    January 19, 2021 WebPage Regulatory News
    RESULTS 1 - 10 OF 6488