Featured Product

    CBK Publishes Cybersecurity Framework for Banking Sector in Kuwait

    February 18, 2020

    CBK published the cybersecurity framework for banking sector in Kuwait. The framework defines three core principles that enhance the cybersecurity and resilience capabilities of banking sector: governance, risk management, and compliance; collaboration, and continual improvement. The framework is applicable to all regulated entities supervised by CBK. The framework is issued for the board of directors, senior management, information security professionals, information technology professionals, and others who are responsible for establishing, implementing, and ensuring the compliance of their entity with the framework.

    The strategic framework consists of the following integrated initiatives for banking sector in Kuwait:

    • The first initiative establishes a mechanism for the Information Security Working Group of the banking sector by defining the methodology, scope, and responsibilities of team members. An emphasis is placed on confidentiality, information and data privacy, and absence of conflicts of interest.
    • The second initiative lays down principles for dealing with cyber risks, which include defining governance requirements, risk management, compliance, crisis management, response and recovery, and collaboration and information-sharing. Additionally, it includes continuous improvements and developments in the field of cybersecurity.
    • The third initiative sets the baseline requirements of information security controls. This initiative is among the most important stages of the project, as it provides detailed security controls that all regulated entities must comply to. It covers governance, risk management, compliance, securing of infrastructure and operations, and dealing with third-party risks and protecting electronic payment systems. All banks must comply with all baseline control requirements set forth in the initiative, through the completion of inherit risk and cyber risk self-assessment, to prove their readiness to address cybersecurity risks
    • The strategic framework also develops a Cyber Crisis Management Strategy and Plan. It introduces a complete framework for managing cyber crisis. Moreover, the Strategy and Plan provides a holistic view of crisis management, including reports, as well as the prescribed response measures. Furthermore, this plan provides a matrix to measure the impact of potential risks.
    • Among the initiatives included in the framework is also the development of a mechanism for dealing with, reporting, and sharing of information between banks, in accordance with the highest international standards. 
    • The framework also introduces the development of a platform for cyber threat intelligence sharing.


    Related Links

    Keywords: Middle East and Africa, Kuwait, Banking, Cyber Risk, Governance, ESG, Cybersecurity Framework, Operational Risk, Third-party Arrangement, Cloud Computing, CBK

    Related Articles

    EBA Launches Stress Tests for Banks, Issues Other Updates

    The European Banking Authority (EBA) launched the 2023 European Union (EU)-wide stress test, published annual reports on minimum requirement for own funds and eligible liabilities (MREL) and high earners with data as of December 2021.

    January 31, 2023 WebPage Regulatory News

    EBA Proposes Standards for IRRBB Reporting Under Basel Framework

    The European Banking Authority (EBA) proposed implementing technical standards on the interest rate risk in the banking book (IRRBB) reporting requirements, with the comment period ending on May 02, 2023.

    January 31, 2023 WebPage Regulatory News

    FED Issues Further Details on Pilot Climate Scenario Analysis Exercise

    The U.S. Federal Reserve Board (FED) set out details of the pilot climate scenario analysis exercise to be conducted among the six largest U.S. bank holding companies.

    January 17, 2023 WebPage Regulatory News

    US Agencies Issue Several Regulatory and Reporting Updates

    The Board of Governors of the Federal Reserve System (FED) adopted the final rule on Adjustable Interest Rate (LIBOR) Act.

    January 04, 2023 WebPage Regulatory News

    ECB Issues Multiple Reports and Regulatory Updates for Banks

    The European Central Bank (ECB) published an updated list of supervised entities, a report on the supervision of less significant institutions (LSIs), a statement on macro-prudential policy.

    January 01, 2023 WebPage Regulatory News

    HKMA Keeps List of D-SIBs Unchanged, Makes Other Announcements

    The Hong Kong Monetary Authority (HKMA) published a circular on the prudential treatment of crypto-asset exposures, an update on the status of transition to new interest rate benchmarks.

    December 30, 2022 WebPage Regulatory News

    EU Issues FAQs on Taxonomy Regulation, Rules Under CRD, FICOD and SFDR

    The European Commission (EC) adopted the standards addressing supervisory reporting of risk concentrations and intra-group transactions, benchmarking of internal approaches, and authorization of credit institutions.

    December 29, 2022 WebPage Regulatory News

    CBIRC Revises Measures on Corporate Governance Supervision

    The China Banking and Insurance Regulatory Commission (CBIRC) issued rules to manage the risk of off-balance sheet business of commercial banks and rules on corporate governance of financial institutions.

    December 29, 2022 WebPage Regulatory News

    HKMA Publications Address Sustainability Issues in Financial Sector

    The Hong Kong Monetary Authority (HKMA) made announcements to address sustainability issues in the financial sector.

    December 23, 2022 WebPage Regulatory News

    EBA Updates Address Basel and NPL Requirements for Banks

    The European Banking Authority (EBA) published regulatory standards on identification of a group of connected clients (GCC) as well as updated the lists of identified financial conglomerates.

    December 22, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8700