Understanding Risk Management and Compliance, What Is Different After Monday, September 8, 2014
“Recent global regulatory reforms, such as the Basel III capital adequacy and liquidity rules, have tended to focus on financial risks.
There has been much less focus on technology and cyber security risks despite the real systemic threats that they pose.”
Who said that?
Well, well… he must be American, and he should work for Homeland Security, correct?
Wrong. Not this time.
This is part of the keynote address by Mr Muhammad bin Ibrahim, Deputy Governor of the Central Bank of Malaysia (Bank Negara Malaysia), at the SEACEN Cyber Security Summit 2014 “Demystifying Cyber Risks: Evolving Regulatory Expectations”, in Kuala Lumpur.
I had never heard of a governor or deputy governor of a central bank saying something similar about Basel. And, I believe he is right.
For Basel III, cyber risk is a subcategory of a subcategory of the Operational Risk we have to quantify.
Mr Muhammad bin Ibrahim also said:
“We can expect the management of cyber security risk to be even more relevant and challenging in the financial sector.
Financial institutions operate critical payment and settlement systems and maintain sensitive customer information.
This makes the financial system an attractive target for cyber security attacks.
The adoption of more sophisticated and digital technology for key systems such as trading platforms, data warehouses and internet banking introduces new sources of cyber security issues which could be more systemic.
For example, a distributed denial of service (DDoS) attack on banks in the United States in 2013 caused serious disruptions in access to online services.
While causing no major losses, the increasing sophistication of the cyber attack raises concerns over critical functions of the financial system.
This offers a glimpse of the potential harm confronting us in the years ahead.”
“As information technology grows, so do the capabilities of cyber criminals.
These criminals have a wide range of tools to execute cyber attacks, many of which are easily obtainable and relatively inexpensive to procure.
For example, cyber criminals can now control networks of compromised computers through "botnets" that enable anonymity.
This access can be bought or rented online.
In the hands of criminals or organisations that are determined to disrupt national stability, botnets could be used to steal sensitive data or disrupt access to critical national infrastructure.”
Again, I had never heard of a governor or deputy governor of a central bank explaining botnets.
He continued: “The regulatory community and the industry must act to ensure that supervisory practices and internal controls within the financial institution remain vigilant and install the necessary safeguards against cyber security threats.
There is a need to intensify our efforts in this regard and to place cyber security issues as a priority in our effort to make the financial system safe and sound.”