Search Results

You are looking at 1 - 10 of 11 items for :

  • "cybersecurity governance" x
Clear All
International Monetary Fund. Monetary and Capital Markets Department

detailed in the report); (v) specialized BCP software may be used but its benefits are unlikely to be fully realized; and (vi) consider external support for the BCP project; The mission recommends three key steps to improve the cybersecurity governance of the CBB . These are: (i) consider the establishment of a cybersecurity function independent from IT; (ii) implement a formal cyber risk assessment process; and (iii) ensure staff responsible for the risk assessment receives relevant training. These steps with their priority and timeline are summarized in Table 1

International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk is embedded in the CBB’s supervisory framework, but additional enhancements are needed to formalize guidance and develop more intensive supervisory practices. Supervisory expectations on cybersecurity are presented in an informal guidance note, which should be formalized into regulation to ensure enforceability; and an IT/cybersecurity supervisory manual should be developed to promote effective and consistent practices. With its principle-based guidance note, the CBB highlights its priorities in strengthening the cybersecurity posture of Belizean financial institutions. The principles are an appropriate interpretation of international best practices on incident prevention, detection, response, and recovery measures, adapted to the cyber maturity of the Belizean financial institutions, and can be used as a foundation for the formalized guidelines. The manual could emphasize the review of cybersecurity strategies, policies, and responsibility specifications and should address obtaining assurance on the effectiveness of the financial institutions’ processes for cyber risk identification, assessment, and mitigation.
International Monetary Fund. Monetary and Capital Markets Department

3. Structure of Draft Financial Sector Map Produced by Norges Bank 4. Organizational Chart of the FSA 5. Organizational Chart of Norges Bank Glossary BCBS Basel Committee on Banking Supervision BCM Business Continuity Management BFI Financial Infrastructure Crisis Preparedness Committee CCP Central Counterparty Clearing CERT Computer Emergency Response Team CS GRC Cybersecurity Governance, Risk and Compliance COBIT Control Objectives for Information and Related

International Monetary Fund. Monetary and Capital Markets Department

institution-specific or thematic . According to the FSA, a risk-based supervisory methodology for cybersecurity risk has been established, based on international supervisory standards. Typically, institution-specific information requests are sent out to selected institutions, with focus on cybersecurity governance, policies and procedures. Supervisors assess the information received and organize on-site visits (1–3 days), where the submitted information is verified. On the response and recovery capabilities, a standardized questionnaire was sent out in 2018 to all Norwegian

International Monetary Fund. Monetary and Capital Markets Department
The Norwegian financial system has a long history of incorporating new technology. Norway is at the forefront of digitization and has tight interdependencies within its financial system, making it particularly vulnerable to evolving cyber threats. Norway is increasingly a cashless society, with surveys and data collection suggesting that only 10 percent of point-of-sale and person-to-person transactions in 2019 were made using cash.1 Most payments made in Norway are digital (e.g., 475 card transactions per capita per annum)2 and there is an increase in new market entrants providing a broad range of services. Thus, good cybersecurity is a prerequisite for financial stability in Norway.
International Monetary Fund. European Dept.

number, there have been few incidents without major impact. The authorities have responded to the surge in malicious activity by a set of measures. These include guidelines for increasing resilience, information seminars, active monitoring and data back-up, and requests for information sharing with the private sector. In addition, international cooperation has strengthened through active information sharing with the EU, NATO and use of bilateral channels. A recent cybersecurity governance reform envisages the establishment of a National Cybersecurity Center which will

Tamas Gaidosch, Frank Adelmann, Anastasiia Morozova, and Christopher Wilson
This paper highlights the emerging supervisory practices that contribute to effective cybersecurity risk supervision, with an emphasis on how these practices can be adopted by those agencies that are at an early stage of developing a supervisory approach to strengthen cyber resilience. Financial sector supervisory authorities the world over are working to establish and implement a framework for cyber risk supervision. Cyber risk often stems from malicious intent, and a successful cyber attack—unlike most other sources of risk—can shut down a supervised firm immediately and lead to systemwide disruptions and failures. The probability of attack has increased as financial systems have become more reliant on information and communication technologies and as threats have continued to evolve.
International Monetary Fund. Monetary and Capital Markets Department

individual accountability and responsibility for senior managers of financial institutions along several Senior Manager Functions (SMFs). In terms of operations and technology, including cybersecurity, SMF24 function holders are accountable and responsible to a financial institution’s board and the regulators (in this context the PRA and FCA) for that firm’s operations and technology. Through this mechanism the regulators aim to facilitate the development of an appropriate cybersecurity governance and organizational culture, both key priorities. Interestingly, SMFs can be

International Monetary Fund. European Dept.
The economy fared relatively well during the pandemic, but the war in Ukraine is another major shock. The key vulnerabilities are Latvia’s significant reliance on imported gas from Russia until recently, the impact of high international energy prices on inflation and economic activity, and refugee inflows. Thus far, almost 33,000 refugees have entered Latvia. Parliamentary elections later this year may put pressure on the government budget.