The Reserve Bank – Te Pūtea Matua has finalised its
guidance on what regulated entities should consider when
building their cyber resilience.
The guidance outlines
the Reserve Bank’s expectations around cyber resilience,
and draws heavily from leading international and national
cybersecurity standards and guidelines. The guidance applies
to all entities the Reserve Bank regulates, including
registered banks, licensed non-bank deposit takers, licensed
insurers and designated financial market
infrastructures
The finalised guidance on cyber
resilience aims to raise awareness of, and ultimately
promote, the cyber resilience of the financial sector,
especially at the board and senior management level of
regulated entities.
The guidance provides high-level
principle-based recommendations for entities and primarily
serves as an overarching framework for the governance and
management of cyber risk, which entities can tailor to their
own specific needs and technologies, rather than as an
explicitly detailed or technical set of
instructions.
The intention…
