Search Results

You are looking at 1 - 10 of 19 items for :

  • "cybersecurity resilience" x
Clear All
International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk is embedded in the CBB’s supervisory framework, but additional enhancements are needed to formalize guidance and develop more intensive supervisory practices. Supervisory expectations on cybersecurity are presented in an informal guidance note, which should be formalized into regulation to ensure enforceability; and an IT/cybersecurity supervisory manual should be developed to promote effective and consistent practices. With its principle-based guidance note, the CBB highlights its priorities in strengthening the cybersecurity posture of Belizean financial institutions. The principles are an appropriate interpretation of international best practices on incident prevention, detection, response, and recovery measures, adapted to the cyber maturity of the Belizean financial institutions, and can be used as a foundation for the formalized guidelines. The manual could emphasize the review of cybersecurity strategies, policies, and responsibility specifications and should address obtaining assurance on the effectiveness of the financial institutions’ processes for cyber risk identification, assessment, and mitigation.
International Monetary Fund. Monetary and Capital Markets Department

. Introduction 1. The mission focused on two topics: (i) the Belizean regulatory framework for cybersecurity and the CBB’s IT supervisory practices, and (ii) the cybersecurity resilience and governance elements of the CBB’s internal BCM framework . To achieve its goals, the mission reviewed relevant documentation, such as the cybersecurity guidance note, the terms of reference of the CSC, sample reports, plans, policies, procedures, risk assessments, and other internal IT and information security documents. The mission team interviewed senior staff to understand the context

Mr. Michael Gorbanyov, Majid Malaika, and Tahsin Saadi Sedik
The era of quantum computing is about to begin, with profound implications for the global economy and the financial system. Rapid development of quantum computing brings both benefits and risks. Quantum computers can revolutionize industries and fields that require significant computing power, including modeling financial markets, designing new effective medicines and vaccines, and empowering artificial intelligence, as well as creating a new and secure way of communication (quantum Internet). But they would also crack many of the current encryption algorithms and threaten financial stability by compromising the security of mobile banking, e-commerce, fintech, digital currencies, and Internet information exchange. While the work on quantum-safe encryption is still in progress, financial institutions should take steps now to prepare for the cryptographic transition, by assessing future and retroactive risks from quantum computers, taking an inventory of their cryptographic algorithms (especially public keys), and building cryptographic agility to improve the overall cybersecurity resilience.
Mr. Michael Gorbanyov, Majid Malaika, and Tahsin Saadi Sedik

first step, they should take an inventory of public-key cryptography used within the institution, as well as by partners and third-party suppliers. These will eventually need to be transitioned to post-quantum cryptography once standards are available. And finally, they should build cryptographic agility to improve the overall cybersecurity resilience going forward. Past experiences of algorithm replacements, even though much simpler than the transition to post-quantum standards, show that they can be extremely disruptive and often take years or decades to

International Monetary Fund. Monetary and Capital Markets Department

Committee on Payments and Market Infrastructures CRS Cybersecurity Resilience Sub-Committee CSD Central Securities Depository CSP Critical Service Provider DDoS Distributed-Denial-of-Service DD4BC Distributed-Denial-of-Service for Bitcoin FIC Financial Intelligence Centre FinStab Financial Stability Department Fl Financial Institution FMI Financial Market Infrastructure FSC Financial Stability Committee FSCA Financial Sector Conduct Authority FS-ISAC Financial Services

International Monetary Fund. African Dept.

2018 TA mission on TSA (AFW2) Jan 2018 TA mission on cargo inspection procedures and mentoring support to the Post Clearance Audit (PCA) Unit (AFW2) Monetary and Capital Markets Department Jul 2021 TA mission on Banking Cybersecurity Resilience Apr 2021 TA mission on FOREX Reserves Management Dec 2020 TA mission on Risk-based Supervision Nov 2020 Improving Monetary Policy and Liquidity Forecasting Management (AFW2) May 2020 Improving Monetary Policy Analysis and Liquidity Forecasting and Management (AFW2

International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk continues to grow both in complexity and severity and is a function of an increasingly open and interconnected cyber and financial ecosystem. The South African financial system has a long history of incorporating technology and as for many financial systems across the globe, digitalization has become a strategic priority. For risk management to keep pace with the dynamic nature of cyber threats and threat agents, systemically important financial institutions (SIFIs) have made substantial investments in cyber resilience programs (e.g., establishing cyber strategies, frameworks, and governance structures). Consistent with many jurisdictions, and partly a result of widespread remote working arrangements implemented in response to the global pandemic, cybersecurity threats to financial stability increased. However, high standards of risk management meant threats did not materialize into significant losses and/or disruptions.
International Monetary Fund. Monetary and Capital Markets Department

Central Bank and Regulator Supervisor Forum (CERES), which is a program of the Financial Services Information Sharing and Analysis Center, Inc. (FS-ISAC). SARB has also established a cyber resilience governance structure at the financial services industry level: the Cybersecurity Resilience Sub-committee (CRS), which is a sub-committee of the Financial Sector Contingency Forum (FSCF). The CRS meets quarterly to discuss pertinent cybersecurity matters within the financial sector and to monitor, evaluate and guide cybersecurity efforts. SARB also uses some open

International Monetary Fund. African Dept.

technology. Business continuity and cyber-risks have become more acute during the COVID-19 crisis as increased use of digital technology has intensified vulnerability to data and privacy risks and cyber-attacks. There are three broad categories of digital risk against which policymakers should aim to build resilience: Cybersecurity resilience . Maintaining an appropriate cybersecurity stance ensures that digital technologies are protected from threats that could cause disruptions for users. Sub-Saharan Africa’s reliance on outsourced infrastructure services, such as