Regulatory Alerts2024-02-17 | BSD/TEN/CON/SRF/003/057Exposure Draft of The Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Banks
The Central Bank of Nigeria has issued a letter to banks and payment service providers, outlining a revised risk-based cybersecurity framework and guidelines to enhance their resilience against evolving cyber threats. The framework emphasizes the importance of integrating cybersecurity with business functions and outlines the responsibilities of boards, senior management, and Chief Information Security Officers in ensuring effective cybersecurity governance and oversight. It also highlights the need for institutions to conduct annual cybersecurity self-assessments and implement preventive controls, monitoring mechanisms, and incident response plans. Additionally, the framework addresses the use of emerging technologies, such as cloud computing and artificial intelligence, and emphasizes the importance of compliance with statutory and regulatory requirements.