
Understanding Risk Management and Compliance, What Is Different After Monday, September 8, 2014

“Recent global regulatory reforms, such as the Basel III capital adequacy and liquidity rules, have tended to focus on financial risks.

There has been much less focus on technology and cyber security risks despite the real systemic threats that they pose.”

Who said that?

Well, well… he must be American, and he should work for Homeland Security, correct?

Wrong. Not this time.

This is part of the keynote address by Mr Muhammad bin Ibrahim, Deputy Governor of the Central Bank of Malaysia (Bank Negara Malaysia), at the SEACEN Cyber Security Summit 2014 “Demystifying Cyber Evolving Regulatory Expectations”, in Kuala Lumpur.

I had never heard of a governor or deputy governor of a central bank saying something similar about Basel. And, I believe he is right.
For Basel III, cyber risk is a subcategory of a subcategory of the Operational Risk we have to quantify.

Mr Muhammad bin Ibrahim also said:

“We can expect the management of cyber security risk to be even more relevant and challenging in the financial sector.

Financial institutions operate critical payment and settlement systems and maintain sensitive customer information.

This makes the financial system an attractive target for cyber security attacks.

The adoption of more sophisticated and digital technology for key systems such as trading platforms, data warehouses and internet banking introduces new sources of cyber security issues which could be more systemic.

For example, a distributed denial of service (DDoS) attack on banks in the United States in 2013 caused serious disruptions in access to online services.

While causing no major losses, the increasing sophistication of the cyber attack raises concerns over critical functions of the financial system.
This offers a glimpse of the potential harm confronting us in the years ahead.”

“As information technology grows, so do the capabilities of cyber criminals.

These criminals have a wide range of tools to execute cyber attacks, many of which are easily obtainable and relatively inexpensive to procure.
For example, cyber criminals can now control networks of compromised computers through "botnets" that enable anonymity.

This access can be bought or rented online.

In the hands of criminals or organisations that are determined to disrupt national stability, botnets could be used to steal sensitive data or disrupt access to critical national infrastructure.”

Again, I had never heard of a governor or deputy governor of a central bank explaining botnets.

He said: “The regulatory community and the industry must act to ensure that supervisory practices and internal controls within the financial institution remain vigilant and install the necessary safeguards against cyber security threats.

There is a need to intensify our efforts in this regard and to place cyber security issues as a priority in our effort to make the financial system safe and sound.”

Read more at Number 4 below.

Welcome to the Top 10 list.

133 pages, Kindle Edition

First published September 5, 2014


About the author

George Lekatis

137 books, 1 follower
George Lekatis is the general manager of Compliance LLC, a leading provider of risk and compliance training and executive coaching in 36 countries. Several business units of Compliance LLC are very successful associations that offer standard, premium and lifetime membership, weekly or monthly updates, training, certification, Authorized Certified Trainer (ACT) programs, advocacy and other services to their members.

George is the president of the International Association of Risk and Compliance Professionals (IARCP). He was in charge of the team that developed the Certified Risk and Compliance Management Professional (CRCMP) program. Companies and organizations like IBM, Accenture, USAA etc. consider the CRCMP a preferred certificate. You can find more about the demand for CRCMPs at: http://www.risk-compliance-associatio...

George is a sought-after expert on Basel II / Basel III. He is the president of the Basel iii Compliance Professionals Association (BiiiCPA, http://www.basel-iii-association.com), the largest association of Basel iii professionals in the world and the Basel ii Compliance Professionals Association (BCPA, http://www.basel-ii-association.com), the largest association of Basel ii professionals in the world.

George is also president of the Sarbanes Oxley Compliance Professionals Association (SOXCPA, http://www.sarbanes-oxley-association...), the largest Association of Sarbanes Oxley professionals in the world.

George has more than 20,000 hours experience as a professional speaker and seminar leader. He has worked for more than 22 years as a management consultant and educator and has demonstrated exceptional presentation and communication skills.

George holds several certificates, including a Master of Laws in international business law from the University of London (Queen Mary, UCL). He is an expert witness, qualified to investigate and testify about risk and compliance management standards.
