Content |
2018: The draft standard of providing Information Security for banks and insurers is published
The Central Bank of Russia published on May 3, 2018 the draft standard "Information security support of financial institutions of the Russian Federation. Technology of preparation, the direction and formats of electronic messages for information exchange with the Bank of Russia about the revealed incidents connected with violation of requirements to ensuring data protection at implementation of money transfers" (service station of BR IBFO-1.5-2018). As it is specified in the explanatory note to the document, the draft standard is developed for the purpose of increase in accuracy of the data about similar events.
Previously this Standard was considered by FSB of Russia on compliance of providing information exchange of technical data by participants about the computer attacks with data for providing in the state system of detection of warning and mitigation of consequences of the computer attacks (State system of detection, prevention and elimination of consequences of computer attacks), said in the explanatory note. |
Further it is specified that information exchange assumes interaction of "participants of information exchange" with FinCERT (FINTSERT of the Bank of Russia). FINTSERT will act as the industry center State system of detection, prevention and elimination of consequences of computer attacks.
Operators of money transfers, operators of services of payment infrastructure or other organizations which concluded "a standard form of the agreement on interaction of the Central bank of the Russian Federation concerning counteraction to the computer attacks" treat participants of information exchange.
It is supposed that implementation of the specified exchange will allow to lower negative effects from implementation of the computer attacks in financial market for clients — consumers of financial services.
In the project it is specified that provisions of the developed standard will have a binding character when informing FINTSERT by participants of information exchange.
Besides, drafts of recommendations in the field of standardization of the Bank of Russia about ensuring storage in electronic form of legally significant documents of the organizations of the Russian banking system, information security and "legal importance of electronic interaction" were published when using mobile devices.
Documentation is published on the website of technical committee No. 122 of the Bank of Russia which is engaged in development of standards of financial transactions. The published documents will be discussed at a meeting of Subcommittee No. 1 of Technical committee on May 30, 2018.
It is possible to study documentation here.
You See Also
- Information security in banks
- The policy of the Central Bank in the field of data protection (cyber security)
- Safety of financial (bank) transactions (service station of BR FAPI.SEK-1.6-2020)
- Standard of the Bank of Russia of service station of BR IBBS