You're reading: NBU proposes toughening requirements to cyber security in Ukrainian banks

The National Bank of Ukraine (NBU) has presented a draft resolution of the NBU board on the approval of the rules how to take cyber security measures in the Ukrainian banking system for public discussion.

The NBU said on its website that the draft resolution first envisages regulation of cyber security of the Ukrainian banking system by the central bank via setting mandatory requirements to taking cyber security measures that banks are to gradually introduce.

At the first stage to last until March 2018, the basic cyber security measures will be introduced. At the second stage (until September 2019) the measures to increase the cyber security completeness will be implemented. The cyber security measures include protection from malicious code, security measures for e-mails, control of access to the IT systems of banks, security measures in the banks’ networks and information crypto security.

In addition, the draft says that chief information security officers (CISO) will be hired in banks. They will be authorized to make managerial decisions. The banks are to form separate cyber security divisions consisting only of employees who are directly subordinated to CISO.

The implementation of the document would allow toughening requirements to information protection in IT systems of Ukrainian banks.