Qatar's banking sector remains a “heavily targeted” sector for cyberattacks, Qatar Central Bank said and noted phishing attempts and user targeted social engineering attacks represented more than 50% of the overall attacks in 2019.
“This year (2019) has seen a surge in the cyber-attacks targeting the users of these organisations. Therefore, through its key risk indicators (KRIs) reporting system, the QCB’s dedicated information security department (ISD) has been able to understand the patterns and anticipate on some of the cyber threats,” the banking regulator said in its latest Financial Stability Report.
The QCB has designed a new information and cyber security organisation with a dedicated independent information security department (ISD) that not only looks after QCB itself but also the entire financial sector cyber security practice and posture.
In order to achieve this, the QCB ISD has defined a governance framework, a set of security measures via technical, policy and regulatory requirements as well as reporting mechanisms at various levels.
The new organisation structure covers both the security governance and assurance aspects of the work.
The engagement with the financial sector has been formalised with a dedicated security forum, namely the BSG (Banking Security Group) and its terms of reference, which serves as a platform to exchange information and collaborate with the banking sector primarily but also with the remaining sectors entities.
Statistics showed that in 2019, the “banking sector remained a heavily targeted sector” with all the layers being seen as opportunity to steal valuable information assets, QCB noted.
The phishing attempts and user targeted social engineering attacks represented more than 50% of the overall attacks, while the remaining portion aims at the systems or network infrastructure, it said.
Cybercrime campaigns targeting banks with sophisticated malicious emails leveraged advanced malware packages such as ‘EMOTET’.
The cyber threat activity increased by 50% in 2019, QCB pointed out. As a result, QCB developed “practices and response mechanisms” in order to “limit” such risks and “anticipate” those types of attacks, “ramping up” the awareness messages, training of the users and the development of cyber security capabilities.
This year, the QCB ISD is defining new programs that will enhance the overall posture of the financial sector overall including the new entrants- the Fintech organisations, QCB said.
The QCB ISD has developed a new set of regulatory requirements to cater for the acceptance of Fintech entities as financial sector entities as part of the QCB Fintech Sandboxing process.
LEAVE A COMMENT Your email address will not be published. Required fields are marked*
Opec, in contrast to IEA, sees lower 2022 global oil demand growth
QSE surges 175 points as index surpasses 13,700 points, M-cap gains QR8bn
QFB net profit in H1 surges to QR42mn
Foxconn starts to feel sting of slowing smartphone sales
RBI tightens rules on digital lending after complaints
SoftBank gives up a third of Alibaba stake for $34bn gain
US inflation eases slightly to 8.5% in July as fuel prices dip
VNRs can accelerate fight against man-made climate change in the Middle East, says Al-Attiyah Foundation
European airline industry faces headwinds due to shortage of skilled labour