The draft guidelines stipulating minimum requirements ranging from cybersecurity self-assessment tools to reporting templates
-
The draft guidelines outlined minimum requirements ranging from cybersecurity self-assessment tools to reporting templates for comments and inputs from financial institutions on or before July 31, 2018.
-
The framework provides a risk-based approach to managing cybersecurity risk.
The Central Bank of Nigeria (CBN) has released a draft risk-based framework and guidelines on cybersecurity for deposit money banks and payment service providers (PSPs).
Kola Balogun, the Central Bank’s Director of banking supervision, in a publication released on Wednesday, June 27, 2018, noted that the requirements were in light of a recent increase in the number and sophistication of cyber security threats against banks and PSPs.
“It has become mandatory for these institutions to strengthen their cyber defences if they are to remain safe and sound,” the statement read.
The draft guidelines stipulated minimum requirements ranging from cybersecurity self-assessment tools to reporting templates were released for comments and inputs from financial institutions on or before July 31, 2018.
The framework provides a risk-based approach to managing cybersecurity risk. The document comprises six parts: Cybersecurity Governance and Oversight, Cybersecurity Risk Management System, Cyber Resilience Assessment, Cybersecurity Operational Resilience, Cyber-Threat Intelligence and Metrics, Monitoring & Reporting.
ALSO READ: Nigeria's anti-graft commission sees cybercrime as the latest form of terrorism
In recent times, cybersecurity threats have increased in number and sophistication as deposit money banks (DMBs) and PSPs, use information technology to expedite the flow of funds among entities.
The publication added that “threats such as ransomware, targeted phishing attacks and Advanced Persistent Threats (APT), have become prevalent; demanding that DMBs and PSPs remain resilient and take proactive steps to secure their critical information assets including customer information that is accessible from the cyberspace."
“It is in this regard that this framework, which outlines the minimum cybersecurity baseline to be put in place by DMBs and PSPs, is being issued.”
Nigeria is working hard to curtail cybercrime and threats in the country. Last Monday, the country's anti-graft commission, Economic and Financial Crimes Commission, EFCC, announced a partnership with the Federal Bureau of Investigation (FBI) to tackle cybercrimes in the country.
Ibrahim Magu, Acting Chairman of the commission, had said that trends in global security denote that cyber crimes are the latest form of terrorism and corruption and this is a growing concern affecting all nations in the 21st century.