The Hong Kong Monetary Authority (HKMA) announced today (3 November 2020) the launch of an upgraded Cybersecurity Fortification Initiative (CFI) 2.0, following industry consultation.
The HKMA introduced the CFI in 2016, which aims to raise the cyber resilience of Hong Kong’s banking system. The initiative is underpinned by three pillars: the Cyber Resilience Assessment Framework (C-RAF), the Professional Development Programme (PDP), and the Cyber Intelligence Sharing Platform (CISP).
To cope with the fast-changing cybersecurity landscape, the HKMA has recently completed a holistic review of the CFI through market studies, interviews and surveys, followed by extensive industry consultation.
The results of the review show that the banking industry is strongly supportive of the CFI. Over 90% of banks found the C-RAF useful, especially in identifying previously unrecognised gaps. All the banks found the Intelligence-led Cyber Attack Simulation Testing (iCAST) helpful in preparing for cyber attacks.
Taking into account the industry’s feedback during the review, the CFI has been further enhanced with a view to streamlining the cyber resilience assessment process while maintaining effective control standards that are commensurate with the latest technology trends. The CFI 2.0 will come into effect 1 January 2021 and be implemented following a phased approach.
Mr Arthur Yuen, Deputy Chief Executive of the HKMA, said, “Since the launch of the CFI in 2016, the global cybersecurity landscape has continued to evolve and banks have undergone further digital transformation. We have therefore enhanced the CFI to reflect the latest trends in technology and incorporate recent developments in global cyber practices. Enhancements have also been made to facilitate the development of the local talent pool for better management of cyber security risk. We believe CFI 2.0 will raise the cyber resilience of the banking sector to an even higher level.”
Digitpol is helping clients meet the HKMA C-RAF 2.0 standards within the Cybersecurity Fortification Initiative (CFI) in a step by step approach to implement clients existing cybersecurity plan into action and upgrading up your existing cyber security structure to meet the requirement. In cases of clients without a current cyber security, we have the full package ready.
Hong Kong Monetary Authority
3 November 2020
Is your business effected by Cyber Crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol's hotlines or respond to us online.
Digitpol is available 24/7.
UK +44 20 8089 9944