Banking Crime & Judiciary Matters Latest News Technology

CBN Charges OFIs On Cybersecurity Guidelines’ Compliance

The Central Bank of Nigeria (CBN) has issued new guidelines for improved cybersecurity in the Nigerian financial system, particularly among the Other Financial Institutions (OFIs).

The guidelines outline the requirements the OFIs were requested to observe in the development and implementation of strategies, policies, procedures and related activities aimed at mitigating cyber risks.

The apex bank, in its latest circular signed by Director of OFI’s Supervision Department, Mrs. Nkiru Asiegbu, set January 1, 2023, as the deadline for compliance by all affected institutions.

Specifically, the OFIs were directed to ensure a more sound cyber environment that “supports information system security and promote stability of the OFIs sub-sector.”

The regulatory banking institution stressed that the safety and soundness of OFIs required that they operate in a safe and secure environment to avoid financial loss and reputation risks, among others.

The circular stated: “As a result of recent increase in the number and sophistication of cybersecurity threats against financial institutions, especially Other Financial Institutions (OFIs), it has become mandatory for institutions to strengthen their cyber defences if they are to remain safe and sound.

“Consequently, the CBN hereby issues the attached Risk-Based Cybersecurity Framework and Guidelines for OFIs, which represent the minimum requirements to be put in place by all OFIs.” The Bank said. “The effective date for full compliance with the provisions of the guidelines is January 1, 2023.”

“In recent times, threats such as ransomware, targeted phishing attacks and Advanced Persistent Threats (APT) have become prevalent, demanding that financial institutions, including OFIs strengthen their cyber resilience and take proactive steps to secure their critical information assets to ensure their safety and soundness”, the apex bank added.

It defined cybersecurity resiliencies considered as an organization’s ability to maintain normal operations despite all cyber threats and potential risks in its environment.







Spread the love

Leave a Reply

Your email address will not be published.