Trinidad & Tobago: Central Bank conducting cyber risk assessment of financial institutions

The Central Bank of Trinidad & Tobago (CBTT) says it is conducting a survey to determine the adequacy of financial institutions’ cyber security, to ascertain what security measures are currently in place by institutions to lower the risk of loss.

The CBTT said it has taken note that cyber risk has become a key operational threat impacting licences, given the high prevalence of cyber attacks on the networks of financial institutions.

“The financial sector is arguably more exposed to cyber risks than other sectors, given that it is IT-intensive and highly dependent on information as a key input. Licensees’ use of technology includes greater levels of automation and integration with 3rd-party service providers and customers,” the CBTT said, adding “bank IT systems also have multiple points of contacts with outside parties than can result in significant vulnerability to cyber attacks.”

It said also that these could allow for entry points of attacks “targeting other parts of the financial system”, noting also that financial institutions are additionally highly interconnected through the payment systems.

“The types of cyber attacks facing financial institutions are varied and range from data breaches, security incidents and privacy violations,” the CBTT said, adding that “to mitigate cyber attacks, financial institutions must implement appropriate monitoring and investigative systems, as well as consumer notification alerts.

“Further, the increasing cyber attacks on financial institutions have focused attention on the need to strengthen cyber security. As the threats and vulnerabilities of these events evolve, licensees are expected to enhance their security standards to mitigate against the increasing risk associated with these activities.” -(CMC)