28 Apr 2021 – RBNZ published its guidance on what regulated entities should consider when building their cyber resilience - given their recent experience, and I mean this, the guidance is likely to be a fair reflection of their own practice and current approach. A high level guide for supervised organisations. https://www.rbnz.govt.nz/news/2021/04/reserve-bank-publishes-cyber-resilience-guidance
27 Jan 2021 – Privacy Commissioner announced that he will virtually chair an international Computer Privacy and Data Protection conference over 27-29 Jan, commencing NZ time 5 p.m. on Thursday, 28 Jan, with a live stream available. https://www.privacy.org.nz/resources-2/forums-and-seminars/computer-privacy-and-data-protection-conference-cdcp/
28 Jan 2021 - FMA released its review of NZX technology issues finding the stock exchange failed to meet its licensed market operator obligations due to insufficient technology resources. NZX also released a response to the FMA review. Relevant FMA and NZX web links are https://www.fma.govt.nz/news-and-resources/media-releases/fma-releases-review-of-nzx-technology-issues/ and https://www.nzx.com/announcements/366811
28 Jan 2021 – RBNZ released the results of a research report showing the Māori economy is increasingly diverse and opportunities remain for it to continue growing and reach its full potential. https://www.rbnz.govt.nz/news/2021/01/e-hauora-ana-e-matahuhua-ana-te-ohanga-maori-e-ai-ki-nga-rangahau
Fidelity Life has announced that it will be ending its Sharecare partnership. This change has been a result of COVID-19 affecting progress. Sharecare will continue to be available to existing users until 31 December 2020 although new challenges and other content won’t be available. All users will be contacted by Sharecare before the end of the year to discuss the next steps.
“While the app (and desktop version) are no longer available for new users through Fidelity Life, existing users can continue using Sharecare until 31 December - though there won’t be any new New Zealand content, including Challenges.
Sharecare will contact all registered users again before the end of the year regarding next steps beyond 31 December.
Ultimately, the economic impacts of Covid-19 have meant we haven’t been able to make the progress we’d originally planned for."
In other news
Scam emails are becoming more sophisticated - but there are still some obvious ways to spot them: see link.
RBNZ recently published a guide on how to build cyber resilience. Deputy Governor and General Manager of Financial Stability Geoff Bascand noted that the cyber space has been identified as a significant source of operational risk for financial institutions. The guideline focuses on what RBNZ’s expectations are and uses material from national and international cybersecurity standards. Bascand announced that a draft guideline has been published and is open for feedback.
“The Reserve Bank – Te Pūtea Matua is today releasing draft guidance on what regulated entities should consider when managing cyber resilience.
The cyber world has long been recognised as a significant source of operational risk for financial institutions, Deputy Governor and General Manager of Financial Stability Geoff Bascand says.
The draft guidance, which is open for feedback, outlines the Reserve Bank’s expectations around cyber resilience, and draws heavily from leading international and national cybersecurity standards and guidelines.
“As cyber risk continues to rise, there is growing awareness that cyber incidents could present risks to the stability of the entire financial system. Improving cyber resilience has become a key priority for prudential regulators around the world,” Mr Bascand says.”
RBNZ is set to run the consultation until 29 January 2021 as they believe the management of cyber resilience is a shared responsibility. The guideline works around related publications from other official agencies. After the 14 weeklong consultation period, RBNZ will release the final guideline.
“We recognise that managing cyber resilience is a shared responsibility and that it is important to collaborate and coordinate with all relevant stakeholders. The proposed guidance and our information collection plans have been designed to complement the work of other government agencies with a direct interest in promoting cyber resilience in the financial sector – including the Financial Markets Authority, the National Cyber Security Centre and the Computer Emergency Response Team.”
The consultation is open for 14 weeks and closes on 29 January 2021. The Reserve Bank will release the final guidance early next year.” Click here to read more
In other news
27 Aug 2020 – FMA announced the appointment of Paul Gregory to the newly created role of Director of Investment Management.
27 Aug 2020 - RBNZ have issued advice to the financial services sector from the National Cyber Security Centre regarding recent cyber attacks that appear to be aimed at the financial services sector. The most high profile example has been the NZX experience. However, other companies may expect to be attacked.
Todd Allan has been appointed as the Head of Adviser Distribution. This promotion comes after the departure of Craig Winterburn, who was the General Manager Distribution. In his new role Todd will be focused on supporting advisers.
“A key focus for Allan and his team of business managers and business account managers will be supporting advisers through a period of change.
“The new financial advice regime, conduct and culture changes and, more recently, Covid-19 are all having an impact on our business, our distribution partners and the broader industry.” Click here to read more
In other news:
Look we found a post about Cyber Smart Week that relates to insurance: AIA's Chief Technology Officer Shane Ohlin has put together this article showing the top 5 tips for being cyber smart. Of course, we all use technology and cloud services and this applies to all of us anyway. In an interesting social trend,
Here are some other good resources:
- CertNZ have this cyber security quiz you can take to check out how good your cyber security habits are, and then it provides tips to improve your online safety
- The Economist has this piece on why so many people fall for financial scams
- The FMA has this piece on cold-callers with share scams - just to ensure that you don't fall for the idea that all scams are online
As digital regeneration of business gathers pace, cyber attack risks increase.
'Connected technologies like artificial intelligence, drones, robotics or wearable sensors have the potential to be game-changers. But business owners beware, connected technologies also increase the chances of a cyber attack because they give cyber-criminals new access points if not properly protected. Research shows that 91 percent of business owners use one of these technologies, but 48 percent are unconcerned they will increase the likelihood of a cyber-attack.'
Click here to read more. Once upon a time business premises in the real-world had to be significantly hardened due to the presence of cash in almost every shop, office, and factory. Today, that risk has shifted away (excepting high cash shops, and certain types of activity like bars) towards scams, phishing, ransomware, and more.
Tom Hartmann at Sorted has this guide to spotting scams. Link.