Hong Kong Monetary Authority looks to improve banks’ cyber security

The banking regulator is considering plans to require banks in the city to assess their resilience to cyber attacks and ways to train more qualified cybersecurity experts.

From Tuesday, the Hong Kong Monetary Authority began a three-month consultation into the initiative.

The latest policy drive, which was named the “Cybersecurity Fortification Initiative”, was announced after the authority’s chief executive Norman Chan Tak-lam said at the Cyber Security Summit last week that the city’s financial sector could not be complacent, even though there were very few cases of serious cyberattacks reported in the past in Hong Kong.

Giving more details about the initiative on Tuesday, Arthur Yuen, deputy chief executive of the Hong Kong Monetary Authority, said one aspect of the policy was to require banks to arrange certified professionals to assess their cyber resilience levels to see how prepared they are to face cyber threats.

The assessment would aim to cover 25 components, from staffing, training and data security to incident management and threat intelligence.

After the assessment, if gaps are found, banks will have to make plans for improvements.