The Reserve Bank of New Zealand (RBNZ) has released draft guidance on how its regulated entities can build cyber resilience.
According to RBNZ deputy governor and general manager of financial stability Geoff Bascand, the cyber world has long been recognised as a significant source of operational risk for the financial institutions RBNZ regulates.
These institutions include registered banks, licensed non-bank deposit takers, licensed insurers and designated financial market infrastructures.
The draft, which is open for public feedback until January 29, 2021, is heavily based on leading international and national cybersecurity standards and guidelines and outlines the regulator’s expectations regarding cyber resilience.
“As cyber risk continues to rise, there is growing awareness that cyber incidents could present risks to the stability of the entire financial system. Improving cyber resilience has become a key priority for prudential regulators around the world,” Bascand said.
”We recognise that managing cyber resilience is a shared responsibility and that it is important to collaborate and coordinate with all relevant stakeholders. The proposed guidance and our information collection plans have been designed to complement the work of other government agencies with a direct interest in promoting cyber resilience in the financial sector – including the Financial Markets Authority, the National Cyber Security Centre and the Computer Emergency Response Team.”