2016-01-25 | 02/17/150/0095/001

Reporting on Cyber Security Events

The Bank Supervision Department of the Central Bank of Sri Lanka requires all licensed commercial and specialised banks to submit Cyber Security Event reports with immediate effect. Institutions must file initial incident notifications (CSE-I) within one working day of detection and quarterly summaries (CSE-II) within fifteen days after each quarter ends. Banks must also provide retrospective data for all incidents detected since January 2015, submitting these reports electronically or via confidential cover to the Director of Bank Supervision.

Sri Lanka

Central Bank of Sri Lanka

Central Bank of Sri Lanka
Bank Supervision Department

January 2016

CIRCULAR
Ref: 02/17/150/0095/001

To: The Chief Executive Officers of Licensed Commercial Banks and Licensed Specialised Banks

Reporting on Cyber Security Events

All licensed banks are requested to submit the reports on Cyber Security Events (CSE) as follows with immediate effect:

a. CSE-I as at Annex within one working day from the detection of any CSE.
b. CSE-II as at Annex within 15 days from the end of each quarter.
c. Details of all CSE detected by the bank from 01.01.2015 in same format as in (b.) above, if not already submitted.

The above details shall be e-mailed to dbsd@cbsl.lk or delivered in confidential cover to the Director of Bank Supervision.

Encl:

No. 30, Janadhipathi Mawatha, Colombo 1
P.O. Box 590, Colombo 01, Sri Lanka
banksup@cbsl.lk
www.cbsl.gov.lk

CSE-I

To: Director of Bank Supervision

Report on Cyber Security Events

Name of Bank:
Reporting time period:

Table columns: Type of incident (a) | Summary of incident | Date of detection | Physical location/branch (if applicable) | Estimated/actual impact of the incident (Financial and Operational) (b) | Internal reporting authority (c) | Law enforcement authorities involved (if applicable)

Name and designation of authorised officer:

(a) Type of incident: Intrusion/hacking, Malware, Malicious code, Virus, Phishing, Denial of service, Social engineering, Unauthorized system usage, Other (specify)
(b) Please provide the amount in case of financial impact and description in case of operational impact.
(c) To whom the event has been internally escalated.

[Email to dbsd@cbsl.lk or deliver in confidential cover to the Director of Bank Supervision.]

CSE-II

To: Director of Bank Supervision

Quarterly Report on Cyber Security Events

Name of Bank:
Reporting time period:

Table columns: Type of incident (a) | Summary of incident | Time period of incident | Date of detection | Physical location/branch (if applicable) | Impact of the incident (Financial and Operational) (b) | Internal reporting authority (c) | Involved law enforcement authorities (if applicable)

Name and designation of authorised officer:

(a) Type of incident: Intrusion/hacking, Malware, Malicious code, Virus, Phishing, Denial of service, Social engineering, Unauthorized system usage, Other (specify)
(b) Please provide the amount in case of financial impact and description in case of operational impact.
(c) To whom the event has been internally escalated.

[Email to dbsd@cbsl.lk or deliver in confidential cover to the Director of Bank Supervision.]