Dubai Financial Services Authority publishes review report on cyber risks

In News

The Dubai Financial Services Authority (DFSA) published a thematic review report on cyber risks. The Report highlights a number of important opportunities for operational risk management practices of firms operating in the Dubai International Financial Centre (DIFC).

Launched this month with an objective of identifying the overall maturity level of cyber security programmes of firms authorised by DFSA, the Cyber Thematic Review assessed cyber risk governance frameworks, cyber hygiene practices, and resilience (incident preparedness) programmes.

The Review found that a significant number of firms had either not implemented a comprehensive cyber risk management framework or performed only a limited cyber risk assessment. Assessing how firms have implemented cyber hygiene practices, the findings also show that a number of firms, particularly smaller firms, did not enforce encryption on devices to protect sensitive data. The most significant finding on firms resilience towards cyber-attacks show that at least half did not have a continuous identification and response capability for managing cyber incidents.

Although not part of this review, the new remote working protocols established in 2020 also bring new cyber risk vulnerabilities that need to be addressed by the financial services industry. The Report further summarises these key findings and observations together with the DFSA’s expectations and examples of best practices of cyber risk management. It focuses on cyber risk fundamentals which are relevant to each Authorised Firm, regardless of its size and business model.

Chief Executive of the DFSA, Bryan Stirewalt said “Enhancing the cyber resilience of our regulated population is one of our key priorities. Over the past two years, we have steadily increased our supervisory focus on cyber risk. We are constantly engaging with Firms in the DIFC to ensure they have sufficient safeguards in place to shield against cyber threat as well as effective processes to respond to and recover from a successful attack. Our focus also includes support for development of industry level guidance on cyber risk management practices. These intensified efforts support the UAE Cybersecurity Strategy and the Dubai Cybersecurity Strategy and are designed to strengthen the cybersecurity environment in the DIFC.”

As part of its efforts to strengthen cyber resilience in the DIFC, the DFSA launched its cyber threat intelligence platform (DFSA TIP) in January 2020. DFSA TIP aims to facilitate the development of a community of information sharing amongst financial services firms.


You may also read!

Five indicators that ascertain an impending ransomware attack

Peter Mackenzi, Global Malware Escalations Manager,Sophos, highlights the five indicators that point to an impending ransomware attack on any


ESET to highlight KrØØk and Stantinko at Black Hat USA 2020

ESET, will highlight its latest research during Black Hat USA 2020. ESET researchers Robert Lipovský, Štefan Svorenčík and Vladislav


Actionable DDoS Weapons Intelligence: a proactive way to successfully defend against DDoS attacks

Ehab Halablab, Regional Sales Director – Middle East at A10 Networks, emphasizes on the need to deploy Actionable DDoS


Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu