New Delhi
In a move to strengthen cybersecurity, New Zealand's central bank announced on Monday that it was implementing stringent reporting regulations for major cyber incidents.
This is based on a Reuters report.
Banks operating in New Zealand are now mandated to report significant cyber breaches within 72 hours.
The Reserve Bank of New Zealand (RBNZ) highlighted the importance of timely reporting to ensure effective responses to cyber incidents.
"Having accurate, timely information is key," asserted Kate Le Quesne, Director of Prudential Policy at RBNZ.
Le Quesne underscored the vitality for robust cyber resilience measures and highlighted the collaborative efforts between RBNZ and the Financial Markets Authority (FMA) in formulating shared reporting requirements.
These coordinated initiatives aim to streamline reporting processes and enhance regulatory oversight across the financial sector.
Under the proposed rules, banks are obligated to notify RBNZ of all cyber incidents promptly.
Large entities will be required to report such incidents every six months, while other entities must adhere to an annual reporting schedule.
Additionally, banks are mandated to provide self-assessment measures to RBNZ, ensuring comprehensive monitoring and evaluation of cybersecurity protocols.
The surge in online breaches in New Zealand prompted the government's proactive response last year, with the establishment of a lead agency dedicated to bolstering cyber defence.
This initiative aims to facilitate public and business engagement, offering assistance during network intrusions and reinforcing cybersecurity resilience across sectors.
New Zealand's financial sector encountered a notable cyber incident in 2021 when a breach compromised the data systems of RBNZ, affecting a file-sharing service utilised by the bank for external stakeholder communications.
(With inputs from Reuters)