Financial Crime World

Brunei Darussalam Central Bank’s Notice on Early Detection of Cyber Intrusion and Incident Reporting

Introduction

The Brunei Darussalam Central Bank (BDCB) has issued a notice outlining guidelines for banks in the country to follow in terms of detecting and reporting cyber incidents. This notice aims to ensure that banks have a robust incident response plan in place to detect and respond to cyber incidents effectively.

Key Sections

The notice is divided into several key sections:

Definitions

  • Cyber intrusion: refers to any unauthorized access, use, disclosure, modification, or destruction of information or interference with systems.
  • Incident: refers to a specific occurrence that has a negative impact on an organization’s assets or operations.
  • IT incident: refers to an event that affects the operation, security, or availability of an IT system.

Responsibilities

Banks are responsible for:

  • Detecting and reporting cyber incidents in a timely manner
  • Maintaining an incident response plan
  • Regularly performing risk assessments and gap analysis

Incident Categorization

The notice provides guidance on categorizing IT incidents based on their impact severity:

Minor

  • Known or reported phishing emails
  • Downtime or error in network, server, software, and system with minimal impact

Moderate

  • Downtime or error in network, server, software, and system with partial impact
  • Malware attack on less than 5 users with no known data breach

Major

  • Unplanned downtime in any critical system causing complete inoperability for more than 30 minutes
  • Suspected incident that cannot be verified as an incident or false positive for more than 2 hours

Critical

  • Data breach (including data loss, data leak, and stolen data) affecting classified data or personal data of customers, employees, and/or stakeholders

GAP Analysis

Banks are required to regularly perform risk assessments, gap analysis, and testing against relevant technology-related notices and guidelines issued by BDCB.

Reporting Requirements

The notice requires banks to report all IT-related incidents that are required to be reported by any national law and legislation.

Conclusion

This notice aims to ensure that banks in Brunei Darussalam have a robust incident response plan in place to detect and respond to cyber incidents effectively. By following these guidelines, banks can minimize the impact of cyber incidents and maintain the trust of their customers.