Financial Crime World

Indonesia’s Financial Regulator Introduces Tougher Cyber Resilience Rules for Banks

Bolstering Cyber Security Standards in the Financial Sector

Indonesia’s financial regulator, OJK, has introduced new regulations aimed at improving cyber resilience among banks as part of a wider effort to protect the industry from increasingly sophisticated cyber threats.

A Significant Step Forward in the Fight Against Cybercrime

According to Wahyu Agung Prasetyo, head of IT and cyber risk management at Bank Mega, the new regulations are a significant step forward in the fight against cybercrime. “Five years ago, we couldn’t even calculate the cyber risks within operational risks, but now banks have clear directions from regulators on how to measure the maturity of cyber resilience itself,” he said.

Key Parameters for Achieving Cyber Resilience

Under the new rules, banks must demonstrate their ability to prepare for and respond to worst-case scenario cyber attacks. To achieve this, Prasetyo has implemented several key parameters of OJK’s cybersecurity checklist, including:

  • Risk assessments
  • Incident response planning
  • Employee training programs

“This is just the first step, and after this, we will integrate this into our cybersecurity strategy,” he explained.

Collaboration between DPOs and CISOs Crucial for Compliance

Prasetyo also stressed the importance of collaboration between Data Protection Officers (DPOs) and Chief Information Security Officers (CISOs) in achieving compliance with the new regulations. “They need to work together to ensure that all aspects of data protection are properly addressed,” he said.

Challenges Ahead, but Commitment to Compliance Remains Strong

However, Prasetyo acknowledged that there would be challenges ahead for banks seeking to comply with the new rules. “We have a lot of work to do, but we are committed to meeting the requirements and ensuring the security of our customers’ data,” he said.

Expertise in Cybersecurity and Financial Compliance

Prasetyo has over 15 years of experience in information technology, including computer networks, operating systems, and cybersecurity. His expertise in this area is expected to be invaluable in helping Bank Mega navigate the complex world of financial compliance regulations.