Dhaka – With increasing digitization and automation of the financial sector, cyber security threats have increased in sophistication with organized crime and state-level actors deploying targeted attacks. Bangladesh remains vulnerable to cyber-attacks because traditional cyber defenses such as anti-virus software and firewalls are proving ineffective against new threat vectors such as zero-day malware and Advance Persistent Threats (APT). Such attacks can cause financial loss and reputational risk.
Threat actors have evolved from independent individual hackers to sophisticated, well-resourced crime syndicates and state level actors.
In this changing context, Bangladesh Bank is a advising all entities in the financial sector to strengthen their cyber security posture and adopt best practice measures.
Some best practice measures are:
1. Establish Cyber Security Governance with visibility at the Board level
2. Comprehensive Cyber Security Risk Assessment
3. Conduct technical gap assessment and establish a vulnerability management program
4. Cyber security awareness programs and training for all employees
5. 24×7 Information Security Operations Center for monitoring and incident management
6. Develop an Incident Response Plan
7. Manage vendor risks for outsourced services
8. For Credit Card services, ensure Payment Card Industry-Data Security Standards (PCI-DSS) certification and offer chip-based cards for a higher level of security
Cyber security is a priority for the financial sector and a collective responsibility. All financial institutions are advised to continuously review and update their cyber security posture.
– Bangladesh Bank Circular issued on Saturday