Financial Crime World

Cybersecurity Strategy for Financial Institutions in Lebanon: A Major Milestone in Technology Policy

The Lebanese government has recently taken a significant step towards ensuring the security of its financial institutions by adopting a national cybersecurity strategy. This plan, introduced to the cabinet on August 29, aims to defend against external and internal threats, foster international cooperation, and establish a national cybersecurity agency.

The Strategy’s Structure

The strategy is composed of two main sections: preparation of a cybersecurity strategy and establishment of a national cybersecurity agency.

Pillars of the Cybersecurity Strategy

The first part of the strategy focuses on eight pillars:

  • Defense
  • Deterrence
  • Reinforcement of safeguards against external and internal threats
  • Expansion of state capacity to support the development of information and communication technology (ICT)

Establishing a National Cybersecurity Agency

The second part of the strategy stipulates the establishment of an agency, under the auspices of the Higher Defense Council, charged with overseeing the long-term implementation of the plan.

The National Cybersecurity Committee

The National Cybersecurity Committee, chaired by Brig. Gen. Mahmoud al-Asmar and shepherded by Lina Oueidat, resident point person on cybersecurity matters, has worked tirelessly to develop the strategy. The committee:

  • Attended industry workshops
  • Engaged local stakeholders
  • Embarked on an observation mission to Estonia, an e-governance powerhouse

EU Support

The European Union played a critical role in bringing the cybersecurity strategy to fruition through its CyberSouth program, which aims to foster legislation and policy to expand the institutional capacity of MENA governments to manage digital threats. The EU has pledged funds for the implementation of the strategy over a period of four years.

Future Plans

Lebanese policymakers are also pushing for the development of indigenous cybersecurity capabilities, including:

  • Establishment of a homegrown computer emergency response team
  • A cyber risk assessment tool designed specifically for state institutions
  • Streamlining security operations center (SOC) services for government agencies and critical infrastructure

The Way Forward

The national cybersecurity strategy is a major milestone in Lebanese technology policy, marking a significant step towards ensuring the security of the country’s financial institutions. However, the government must now take concrete steps to implement the plan, including:

  • Earmarking sufficient funds to guarantee full-scale implementation
  • Bolstering Lebanon’s feeble data privacy laws
  • Tackling lingering policy gaps and developing a more robust cybersecurity doctrine