161 Views

CBN Directs Nigerian Banks To Protect Data

Bank directors will henceforth be responsible for the protection and security of customers’ data against e-fradusters, the Central Bank of Nigeria (CBN) has directed.

The new rule followed the sophistication and jump in the number of cyber-security threats against Deposit Money Banks (DMBs) and Payment Service Providers (PSPs) which require strengthening their cyber defences to remain safe and sound.

Nigeria experienced over 4,000 cyber-attacks with 70 per cent success rate and loss of about $500 million in recent years mainly through cross channel fraud, data theft, email spooling, phishing, shoulder surfing and underground websites.

In a circular released yesterday titled: Risk-based Cyber-security Framework for Deposit Money Banks, signed by K.O Balogun for CBN Director of Banking Supervision, the regulator said provision of oversight and leadership and resources to ensure that cyber-security governance becomes an integral part of corporate governance, rests with the Board of Directors.

“The Board of Directors through its committees will now have overall responsibility for the DMB/PSP’s cyber-security programme. It will provide leadership and direction for effective conduct of the processes. The Board will ensure that cyber-security governance is integrated into the organisational structure and relevant processes,” it said.

Also, the board will ensure that cyber-security processes are conducted in line with business requirements, applicable laws and regulations while ensuring security expectations are defined and met across the DMB/PSP.

The Board will now hold Senior Management responsible for central oversight, assignment of responsibility, effectiveness of the cyber-security processes and shall ensure that the audit function is independent, effective and comprehensive.

Besides, the board will be responsible for all cyber-security governance documents such as cyber-security strategy, framework and policies and ensure alignment with the overall business goals and objectives.

Also, the board will, on a quarterly basis receive and review reports submitted by Senior Management. The report shall detail the overall status of the cyber-security programme to ensure that board- approved risk thresholds relating to cyber-security are being adhered to.

The CBN also directed the boards to henceforth ensure that cyber-security is completely integrated with business functions and, well managed across the DMB/PSP.
Cyber-security governance should not only aligns with corporate and Information Technology (IT) governance, but is cyber-threat intelligence driven, proactive, resilient and communicated to all internal and external stakeholders.

Boards are also mandated to appoint or designate a qualified individual as the Chief Information Security Officer (CISO) who shall be responsible for overseeing and implementing its cyber-security programme.

“The responsibilities of senior management include the implementation of the board-approved cyber-security policies, standards and the delineation of cyber-security responsibilities. Senior management will provide periodic reports (at a minimum quarterly); to the board on the overall status of the cyber-security programme of the DMB/PSP. The Chief Information Security Officer (CISO) are responsible for the day-to-day cyber security activities and the mitigation of cyber-security risks in the DMB/PSP,” the apex bank said

You may be interested

Man, 28, In Court Over Alleged Car Theft
Metro News
28 views
Metro News
28 views

Man, 28, In Court Over Alleged Car Theft

PH - September 20, 2018

The Police on Thursday arraigned a 28-year-old man, Chinedu Victor in a Kubwa Grade 1 Area Court over alleged car…

Robbers Stab Two To Death In Edo State
Metro News
36 views
Metro News
36 views

Robbers Stab Two To Death In Edo State

PH - September 20, 2018

Two persons have been stabbed to death by armed robbers who raided Amenze street and environs Off Costain Road, Benin…

NNPC Records N17.16b Trading Surplus
Business & Finance
33 views
Business & Finance
33 views

NNPC Records N17.16b Trading Surplus

PH - September 20, 2018

The Nigerian National Petroleum Corporation (NNPC) has consolidated on its operational performance with a trading surplus of ₦17.16bn in the…

Leave a Comment

Your email address will not be published.