On 20 October 2020, the Reserve Bank – Te Pūtea Matua (RBNZ) released draft guidance on what regulated entities should consider when managing cyber resilience.
The draft guidance, which is open for feedback, outlines the Reserve Bank’s expectations around cyber resilience, and draws heavily from leading international and national cybersecurity standards and guidelines.
“As cyber risk continues to rise, there is growing awareness that cyber incidents could present risks to the stability of the entire financial system. Improving cyber resilience has become a key priority for prudential regulators around the world.”
The consultation document presents draft cyber risk management guidance which would apply to all entities the Reserve Bank regulates. This includes registered banks, licensed non-bank deposit takers, licensed insurers and designated financial market infrastructures. The consultation paper also seeks feedback on how information gathering and sharing by the Reserve Bank with relevant public sector bodies can help to build cyber resilience.
“We recognise that managing cyber resilience is a shared responsibility and that it is important to collaborate and coordinate with all relevant stakeholders.”
Read the report here:
Access more information about the NIST Cybersecurity framework here: