The Financial Markets Authority (FMA) – Te Mana Tātai Hokohoko – is reminding licensed financial service providers about the importance of cyber-resilience as part of Cyber Smart Week 2023.
Cyber Smart Week is CERT NZ’s annual cyber resilience awareness campaign which runs from October 30 – November 5. CERT NZ has also launched a new website for New Zealanders to stay secure online called Own Your Online.
As part of the FMA’s role in promoting fair, efficient, and transparent markets, we encourage all financial service providers to protect themselves online, particularly with the growing threat from online scams and data attacks. Effective management of cyber risk by financial service providers directly contributes to the operational resilience capability of the entity.
One of the requirements for some FMA-licensed entities is that they must notify the FMA of any event that materially impacts the information security of their critical technology systems, which can be caused by cyber-related incidents.
A 2019 thematic review of cyber resilience in FMA-regulated entities found most participants were aware of the increasing cyber security risk and assessed themselves as being highly capable of protecting against, and recovering from, such threats. However, participating entities did not rate themselves highly in terms of detecting and responding to cyber threats. Participants also predicted that their cyber resilience was generally expected to improve over the following two years.
FMA Executive Director of Response and Enforcement Paul Gregory said: “In cyber risk, prevention is better than cure. The FMA encourages all financial service providers to understand cyber threats and to ensure their systems are resilient to best protect themselves and their customers. It is important that entities encourage their staff to better understand the cyber risk and to be aware of the materials provided by CERT NZ and the FMA to best protect their businesses and their customers.”
FMA-related documents on cyber resilience
Useful business focussed links from CERT NZ:
- Cyber security risk assessments for business
- Cyber security awareness for staff
- Phishing scams and your business
- Protecting your business online
- Business cyber health check
- Cert NZ’s Critical Controls
- Top 11 cyber security tips for your business