Financial Crime World

Cybersecurity Threats to Financial Institutions in Oman Worry Experts

Oman’s financial institutions have been facing a plethora of cybersecurity threats in recent years, despite a decline in attempted attacks from 880 million in 2017 to 12 million in 2022. Despite this drop, experts warn that the threat remains significant and financial institutions must take proactive measures to protect themselves.

Recent Cybersecurity Incidents

  • In January 2020, Oman United Insurance Company SAOG suffered a ransomware attack, which infected and encrypted its data, resulting in a loss of data dated from December 10, 2019, to the day of the attack. Luckily, the company was able to recover lost data thanks to a robust backup system.

Cybersecurity Threats in Oman

  • According to the Ministry of Technology and Communication’s annual report, Oman recorded:
    • 123 million Web application attempts
    • Over 417,000 confirmed attacks
    • Losses totaling over $1 million in 2020
    • A 13% decrease compared to the nearly 500,000 confirmed attacks reported in 2019

Efforts to Improve Cybersecurity

  • Oman has been working to improve its cybersecurity stance through intense security assessments of government websites.
  • The ministry’s efforts have exposed:
    • Over 41,000 vulnerabilities
    • 13,000 Internet Protocol addresses that were discovered, analyzed, and fixed

New Regulatory Framework for Cybersecurity and Resilience

  • The Central Bank of Oman (CBO) recently issued a new regulatory framework, which mandates banks, financing and leasing companies, payment service providers, and money exchange companies to meet minimum requirements to build a financial industry resilient against cybersecurity risks.
  • The framework is organized into six control domains or pillars:
    • Third-Party Supply Chain Management
    • Online Financial Services

Impact of the New Framework

  • The new regulation aims to establish guidelines for licensed institutions to handle cybersecurity risks and maintain the same standard of cybersecurity controls across all licensed financial institutions operating in Oman.
  • By implementing this framework, banks and financial institutions will have enhanced capabilities to safeguard themselves from various types of cyber threats and predefined protocols in place to respond swiftly to cyber incidents.
  • The impact of this new framework will be significant, as it:
    • Reduces the likelihood of successful cyberattacks
    • Minimizes potential damage control
    • Promotes stability in Oman’s financial market
    • Enhances customer trust by assuring customers that their financial transactions and sensitive information are safe

Conclusion

While Oman has made progress in improving its cybersecurity stance, the threat remains significant and financial institutions must take proactive measures to protect themselves. The new Regulatory Framework for Cybersecurity and Resilience is a step in the right direction, and its implementation will be crucial in maintaining the security of Oman’s financial industry.