RESOLUTION OF BOARD OF NATIONAL BANK OF THE REPUBLIC OF KAZAKHSTAN

of October 29, 2018 No. 281

About approval of Strategy of cyber security of the financial sector of the Republic of Kazakhstan for 2018-2022

For the purpose of implementation of the Concept of the cyber security ("Kibershchit Kazakhstan") approved by the order of the Government of the Republic of Kazakhstan of June 30, 2017 No. 407, Board of National Bank of the Republic of Kazakhstan DECIDES:

1. Approve the enclosed Strategy of cyber security of the financial sector of the Republic of Kazakhstan for 2018-2022.

2. To management of information threats and cyberprotection (Perminov R. V.):

1) in the procedure established by the legislation of the Republic of Kazakhstan to provide placement of this resolution on official Internet resource of National Bank of the Republic of Kazakhstan;

2) to develop the Actions plan on strategy implementation of cyber security of the financial sector of the Republic of Kazakhstan for 2018-2022.

3. To impose control of execution of this resolution on the vice-chairman of National Bank of the Republic of Kazakhstan Smolyakov O. A.

4. This resolution becomes effective from the date of its signing.

Approved by the Resolution of Board of National Bank of the Republic of Kazakhstan of October 29, 2018 No. 281

The strategy of cyber security of the financial sector of the Republic of Kazakhstan for 2018 - 2022

Chapter 1. Purpose and description

The strategy of cyber security of the financial sector of the Republic of Kazakhstan for 2018 - 2022 (further - Strategy) describes complex of the purposes, tasks and actions, achievement, the decision and which realization will allow to provide creation of effectively functioning system of ensuring cyber security of the financial sector of the Republic of Kazakhstan (further - system of ensuring cyber security). Strategy determines key participants of system of ensuring cyber security, their role and responsibility within implementation of the tasks. Strategy is directed first of all to creation within system of ensuring cyber security of information exchange between participants. Main objective of Strategy is creation of conditions for safe provision of financial services that is necessary for ensuring stable functioning and development of the financial sector of the Republic of Kazakhstan (further - the financial sector).

Strategy contains the overview of current status of cyber security in the financial sector, and also the neighboring risks arising in cyberspace. Strategy offers method of the organization of system of ensuring cyber security and task which need to be executed for achievement of effective objectives.

Strategy is prepared on the basis of the Concept of the cyber security ("Kibershchit Kazakhstan") approved by the order of the Government of the Republic of Kazakhstan of June 30, 2017 No. 407 (further - the Concept) which is the medium-term document and is constituted taking into account the current realities and situation in the field of cyber security in the financial sector.

This Strategy determines the main directions of creation of the system of ensuring the cyber security including effective protection of electronic information resources, information systems, networks of telecommunications of subjects of the financial market and allowing to react quickly on the existing and again appearing threats in cyberspace.

Following of this Strategy will help goal achievement, delivered by the Concept.

Chapter 2. Terms and determinations

Cyberspace - the complex virtual circle created as a result of interaction of people, the software and services on the Internet by means of technological devices and networks.

Cyber security - information security in cyberspace, condition of security of information electronically and circles of its processing, storage, transfer (electronic information resources, information systems and information and communication infrastructure) from external and internal threats;

Ensuring cyber security - preserving confidentiality, integrity and availability of information in cyberspace.

Cybercrime - the crime type implying the acts pursued under the law made with use of information technologies in cyberspace.

Chapter 3. Introduction

Bystry development of information and communication technologies (further - ICT) brings benefit to modern society, but at the same time generates new technologically more difficult risks and threats. The modern financial organization represents different complex of the automated information systems, telecommunication networks, desktop computers and mobile devices. Use of new ICT for achievement of economic superiority is regulation among subjects of the financial market.

Development of ICT in the financial sector, and also the active growth of rendering remote financial services is increased by the risks connected with violation of confidentiality, integrity and availability of information (bank secrecy, the commercial information, personal data) and safety of information systems in cyberspace.

In such conditions ensuring due level of cyber security, including protection against cyber attacks is necessary. Cyber attacks are one of the most considerable safety hazards for modern financial system of any state therefore cyber security became important and integral part of homeland security.

For consumers of financial services satisfaction with safety, quality, cost and the list of the services rendered remotely is important. The financial organizations are faced, in turn, by the purpose of the maximum decrease in level of risks in case of the minimum costs for ensuring cyber security. Common goal, both for society and the state, and for the financial organizations is forming of the financial sector capable it is most effective and safe to perform the function of the financial intermediary.

At the same time the problem of cybercrime acquires global nature. The latest ICT allows criminals to remain anonymous, and the growing amounts of the financial resources addressing in cyberspace involve more and more people in these criminal activities.

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info