Due to increased cybersecurity threats to other financial institutions (OFI), the Central Bank of Nigeria has issued a risk-based cybersecurity framework and OFI guidelines.
This was disclosed in a circular called; The exposure draft of the risk-based online securities framework and guidelines for other financial institutions, Signed by NKIRU E. ASIEGU, Director of the Supervision Bureau of Other Financial Institutions.
Top banks consider the reliance of financial institutions on information and communication technology (ICT) in their daily operations and the increase in cyber security threats and attacks on financial intuition; therefore, cyber security measures must be implemented to mitigate these risks.
CBN determined that cyber security resilience is critical to enhancing financial intuition, because cyber security resilience considers the organization’s ability to maintain normal operations in the presence of all cyber threats and potential risks in its environment, and provides organizations that use its governance and interconnected networks. Substantial guarantee, and culture.
According to the CBN, the purpose of the guideline is as follows
- Create a safer and more secure network environment, support information system security and promote the stability of OFI sub-industry
- Contribute to the prevention and fight against cybercrime in OFI sub-industry
- Promote OFI adoption and implementation of best practices and appropriate cybersecurity standards
- Promote and maintain public trust and confidence in OFI sub-industry
- Promote cybersecurity culture and awareness through continuous capacity building and skill development.
CBN also stated that “OFI should note that for a cybersecurity program to be successful, it must be fully integrated into its business goals and objectives, and it must be an integral part of the overall risk management process.
The framework provides a risk-based approach to managing cybersecurity risks. The document consists of six parts; cyber security governance and supervision, cyber security risk management system, cyber resilience assessment, cyber security operational resilience, cyber threat intelligence and indicators, and monitoring. “
Why this is important
Given the reliance of financial institutions on information and communication technologies (ICT) in their daily operations and the growth of cybersecurity threats and attacks on financial institutions, it is necessary to develop cybersecurity strategies to reduce risks.