Business & Money | Tuesday 1 November, 2016 5:35 pm |

Qatar Central Bank hosted the third annual Conference for Information Security in Financial Institutions, on 1st November 2016 at Sheraton Grand Doha Resort & Convention Hotel. The conference shedded light on information security, the challenges it faces and infrastructure improvements.  The third conference agenda is a continuation of earlier conferences for Information Security with regards to Financial Institutions. His Excellency Sheikh Abdulla Bin Saoud Al-Thani, Governor of Qatar Central Bank, Chief Security Advisers and CEOs of well-known companies. Dr. R. Seetharaman, Group CEO of Doha Bank spoke on 1st November 2016.

Dr. R. Seetharaman gave insight on cybersecurity scenario today. He said “The rapid rise of cyber risks and their potential to disrupt global financial stability have elevated cybersecurity to a top policy priority. Cyber risks are now regarded as a leading threat to the global financial system by policymakers. The key cyber security vulnerability from a systemic risk perspective is related to the heavy reliance of financial institutions on information technology and communications, and in particular the highly interconnected nature of these systems. Collaborate, contribute, consume and create knowledge about today’s top security trends, help to identify security issues that are relevant and emerging as well as issues that need more guidance.”

Dr. R. Seetharaman highlighted on global trends in cybersecurity. He said “Recently the Group of Seven industrial powers as part of Global Governance had agreed on guidelines for protecting the global financial sector from cyber-attacks following a series of cross-border bank thefts by hackers. Policymakers have grown more worried about financial cyber security in the wake of numerous hacks of SWIFT, the global financial messaging system. The goal of the guidelines was also to get firms and regulators across the world to approach risks the same way. The eight elements in the guidelines start with entities establishing cybersecurity strategies and operating frameworks tailored to their specific cyber risks, and assigning roles and responsibilities for personnel implementing, managing, and overseeing those strategies and frameworks.”

 

Dr. R. Seetharaman gave insight on cyber-attacks in GCC. He said “Threats are increasingly targeting governments, the energy sector, financial services industry and telecommunications sectors in the GCC. The types of cyber-attacks includes hacktivism, when criminals launch attacks based on their ideology, the second is to destabilize a company and the third is the one where most people associate cybercrime  for financial ends. In this people do either a phishing attack of use viruses that block the computer or data for a ransom. Ransom ware continues to pose a threat to organizations, with the malware development lifecycle being so short that a strong defense is still a major challenge for many organizations.” The sectors with financial inclusion became a victim of cyber-attacks in GCC.

Dr. R. Seetharaman highlighted on measures taken by Qatar on cybersecurity. He said “  In view of the recent cyber security incidents and to ensure the continuity of business in a disaster scenario, QCB came up with below initiative which was mandated for all banks in Qatar: Conduct the cyber security maturity assessment; Assess the Business availability posture of banks in the event of a disaster. A framework for cyber security was developed in which the Cyber security requirements as mandated by QCB circular 105/ 2012, and the National Information Assurance Policy of Qatar – (NIAP); Requirements from International Information protection standards e.g. ISO 27001:2013 version and National Institute of Standards and Technology (NIST) Cyber Security Framework. The initiative was well received by all the banks since it provided the opportunity to proactively prepare us for any future cyber-attacks. The assessment has helped to understand the current cyber security posture of our bank and our readiness to mitigate the risks emerging from cyber-attacks”. A Public Private partnership initiatives to be intensified for cybersecurity governance.