Financial Crime World

Kazakhstan Takes Significant Steps in Cybersecurity Measures for Financial Institutions

The Republic of Kazakhstan has made significant strides in implementing its national cybersecurity concept, “Cyber Shield of Kazakhstan”, aimed at protecting the country’s financial institutions from cyber threats.

Background

In January 2017, President Nursultan Nazarbayev instructed the government to create a comprehensive cybersecurity concept. The concept was developed through a collaborative effort involving parliamentarians, representatives of state bodies, professional and industry associations, higher educational institutions, and the industry.

Key Features of Cyber Shield

The Cyber Shield concept defines state policy on ICT protection and outlines measures to boost legal and industrial culture of cybersecurity. Its key objectives include:

  • Improving the country’s readiness to prevent and respond to incidents
  • Providing basic definitions and explanations to raise general awareness about threats

Challenges and Solutions

During the development process, several challenges were identified, including:

  • Insufficient awareness among citizens about cybersecurity threats
  • Shortage of information security professionals
  • Inadequate information protection infrastructure
  • Neglect by organizations of information security requirements
  • Limited trust in the public sector
  • Risks associated with the provision of electronic public services

To address these challenges, Kazakhstan is focusing on:

  • Raising public awareness through education and training programs
  • Establishing a national coordination centre and a dedicated information security centre for the financial sector

Global Recognition

Kazakhstan’s cybersecurity efforts have been recognized globally, with the country moving up from 103rd place to 31st in just three years according to the International Telecommunication Union’s (ITU) Global Cybersecurity Index (GCI).

Joint Efforts

Abdikalikov emphasized that ensuring cybersecurity is a priority for Kazakhstan’s leadership and that joint work by government agencies, private ICT and cybersecurity companies, specialized public associations, and experts has contributed to the country’s achievements.

Recommendations

To further strengthen cybersecurity and personal data protection across all CIS countries, Abdikalikov recommends:

  • Establishing legislative and regulatory frameworks for people’s data and personal data protection
  • State structures dealing with personal data protection and individual rights
  • Public awareness about rights and freedoms to be protected as personal data is collected and processed
  • Technical and organizational measures to prevent leakage of personal data, ensure transparency, and promote legitimate data collection procedures.