The Reserve Bank of New Zealand
is proposing collecting financial entity data
on cyber incidents
to better understand cyber risks and resilience in the financial sector, it said in a statement on Monday.The central bank said it is proposing introducing mandatory reporting of material cyber incidents with 72 hours of detection, reporting of all cyber incidents periodically even if they are not material, and a regular survey on cyber resilience.
The central bank is currently seeking feedback on the proposal before deciding whether to implement the new rules.
RBNZ Director of Prudential Policy Kate Le Quesne said collection of this information will improve the bank’s understanding of cyber resilience in the financial sector.
Discover the stories of your interest