Out-Law News 1 min. read
20 May 2016, 4:46 pm
The Hong Kong Monetary Authority (HKMA) has introduced a new cybersecurity fortification initiative (CFI) in a bid to "raise the level of cybersecurity of the banks in Hong Kong".
As part of the initiative a new framework will be established to help banks assess the cyber risks that apply to their business and what steps they need to take to address them.
In addition, a new training and certification programme will be established to "increase the supply of qualified professionals in cybersecurity", and a new platform will be developed to enable industry-wide sharing of "cyber intelligence".
The HKMA said banks will be required to implement the CFI plans as part of their regulatory compliance duties.
"If we wish to raise the cybersecurity of our banking system to a level commensurate with Hong Kong's position as the leading international financial centre in Asia, we cannot afford to go slow or lose any time," said Norman Chan, chief executive of the HKMA. "In a spirit of cooperation to achieve this common goal, the HKMA, the banking industry and our partners will work closely together to implement this ambitious but necessary CFI according to plan."
Hong Kong-based technology law expert Paul Haswell of Pinsent Masons, the law firm behind Out-Law.com, said that there have been some high profile data breach incidents in Hong Kong in recent times but not within the banking sector. However, he said the increasing levels of awareness of cybersecurity issues in Hong Kong likely prompted the HKMA to introduce its CFI plans.
"HKMA regulations already require banks to safeguard the data that they hold, although the guidance has not been as detailed as perhaps it should have been," Haswell said. "This initiative will help raise awareness, and most importantly will mean that banks have no excuse for poor security and protection against cyber risk."