In order to further strengthen the finance industry’s cyber-resilience amidst growing threats, the Bangko Sentral ng Pilipinas reiterates the need for all BSP-supervised financial institutions to have a collective, coordinated and strategic cyber response through information sharing and collaboration.
As prescribed under Section 4.3 ol Appendix 75b/Appendix Q 59b, BSP Circular No. 982 dated 09 November 2OL7, moderate to complex BSFIs should actively participate in information sharing organizations and fora within the financial services industry, the BSP said in a memorandum.
As cyber-attacks can be launched even against BSFIs with simple lT profiles, the BSP enjoins all BSFIs to participate in the BAP Cybersecurity Incident Database (BAPCID), an industry-wide cyber threat and best practices sharing platform hosted by the Bankers Association of the Philippines (BAP). Through the BAPCID, BSFIs can raise the level of situational awareness as information on latest tactics, techniques and procedures of cyber threat actors targeting financial institutions, including those in the dark web, will be shared.
The BSP, as an advisory member of the BAPCID, shall also use the BAPCID platform in the issuance of specific cyberthreat advisories and memoranda. This will enable a much faster and secure way of alerting BSFIs and providing concrete guidance in preventing and remediating imminent cyberthreats and attacks.