Featured Product

    CBK Publishes Cybersecurity Framework for Banking Sector in Kuwait

    February 18, 2020

    CBK published the cybersecurity framework for banking sector in Kuwait. The framework defines three core principles that enhance the cybersecurity and resilience capabilities of banking sector: governance, risk management, and compliance; collaboration, and continual improvement. The framework is applicable to all regulated entities supervised by CBK. The framework is issued for the board of directors, senior management, information security professionals, information technology professionals, and others who are responsible for establishing, implementing, and ensuring the compliance of their entity with the framework.

    The strategic framework consists of the following integrated initiatives for banking sector in Kuwait:

    • The first initiative establishes a mechanism for the Information Security Working Group of the banking sector by defining the methodology, scope, and responsibilities of team members. An emphasis is placed on confidentiality, information and data privacy, and absence of conflicts of interest.
    • The second initiative lays down principles for dealing with cyber risks, which include defining governance requirements, risk management, compliance, crisis management, response and recovery, and collaboration and information-sharing. Additionally, it includes continuous improvements and developments in the field of cybersecurity.
    • The third initiative sets the baseline requirements of information security controls. This initiative is among the most important stages of the project, as it provides detailed security controls that all regulated entities must comply to. It covers governance, risk management, compliance, securing of infrastructure and operations, and dealing with third-party risks and protecting electronic payment systems. All banks must comply with all baseline control requirements set forth in the initiative, through the completion of inherit risk and cyber risk self-assessment, to prove their readiness to address cybersecurity risks
    • The strategic framework also develops a Cyber Crisis Management Strategy and Plan. It introduces a complete framework for managing cyber crisis. Moreover, the Strategy and Plan provides a holistic view of crisis management, including reports, as well as the prescribed response measures. Furthermore, this plan provides a matrix to measure the impact of potential risks.
    • Among the initiatives included in the framework is also the development of a mechanism for dealing with, reporting, and sharing of information between banks, in accordance with the highest international standards. 
    • The framework also introduces the development of a platform for cyber threat intelligence sharing.

     

    Related Links

    Keywords: Middle East and Africa, Kuwait, Banking, Cyber Risk, Governance, ESG, Cybersecurity Framework, Operational Risk, Third-party Arrangement, Cloud Computing, CBK

    Related Articles
    News

    APRA Updates Validation and Derivation Rules in September 2020

    APRA updated the lists of the Direct to APRA (D2A) validation and derivation rules for authorized deposit-taking institutions, insurers, and superannuation entities.

    September 24, 2020 WebPage Regulatory News
    News

    EC Proposes Frameworks for Crypto-Assets and Operational Resilience

    EC adopted a package that includes the digital finance and retail payments strategies and the legislative proposals for regulatory frameworks on crypto-assets and digital operational resilience.

    September 24, 2020 WebPage Regulatory News
    News

    ECB Publishes Opinion on Proposals to Amend Securitization Framework

    ECB published an opinion (CON/2020/22) on proposals for regulations amending the securitization framework of EU, in response to the COVID-19 pandemic.

    September 24, 2020 WebPage Regulatory News
    News

    FCA Consults on Regulation of International Firms in UK

    FCA is consulting on its approach to the authorization and supervision of international firms operating in UK.

    September 23, 2020 WebPage Regulatory News
    News

    MAS Amends Notice on Capital Adequacy Requirements of Banks

    MAS published amendments to Notice 637 on the risk-based capital adequacy requirements for reporting banks incorporated in Singapore.

    September 23, 2020 WebPage Regulatory News
    News

    FCA to Begin to Move Firms to New Data Collection Platform RegData

    FCA announced that it will move firms to RegData from Gabriel in the coming months in stages, based on the reporting requirements of firms.

    September 23, 2020 WebPage Regulatory News
    News

    ISDA Expects IBOR Fallbacks to be Effective by End of January 2021

    ISDA issued a letter to regulators to flag that it now expects the supplement to the 2006 ISDA Definitions and the Interbank Offered Rate (IBOR) Fallbacks Protocol to be effective around mid- to late-January 2021.

    September 23, 2020 WebPage Regulatory News
    News

    APRA Reviews Repayment Deferral Plans, Identifies Best Practices

    APRA has concluded its review of the comprehensive plans of authorized deposit-taking institutions for the assessment and management of loans with repayment deferrals.

    September 22, 2020 WebPage Regulatory News
    News

    ESAs Assess Risks to Financial Sector After COVID-19 Outbreak

    ESAs (EBA, EIOPA, and ESMA) published the first joint report that assesses risks in the financial sector since the outbreak of the COVID-19 pandemic.

    September 22, 2020 WebPage Regulatory News
    News

    BoE Confirms Withdrawal of COVID Corporate Financing Facility

    BoE and HM Treasury confirmed that the COVID Corporate Financing Facility (CCFF) will close for new purchases of commercial paper, with effect from March 23, 2021.

    September 22, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5836