Menu
Reserve Bank aims to improve cyber security posture

Reserve Bank aims to improve cyber security posture

Request for information issued in bid to increase security defences

The Reserve Bank wants to up its security game

The Reserve Bank wants to up its security game

Credit: Reuters

The Reserve Bank is exploring the security operations centre (SOC) and security management services market to lift its capabilities.

The central bank said it has an existing internal security incident event management (SIEM) and SOC capability, but adds there are improvements to that capability that would benefit the security posture of the bank.

"RBNZ believes that the supplier market may be able provide an uplift in security capabilities, that provides contextual alerting and management of incidents; in a broader and more sophisticated manner than the current in-house implementation," it said in a request for information (RFI) posted this week.

"Given RBNZ’s existing technology investments we want to understand how suppliers may leverage both our existing tooling, and supplier technology, to ensure that maximum benefits are achieved from the implementation of SIEM type products."

The bank also wants to understand how such a service would interface with existing people and processes effectively.

RBNZ defines a SOC as: “a combination of people, processes and technology protecting the information systems of an organisation through: proactive design and configuration, ongoing monitoring of system state, detection of unintended actions or undesirable state, and minimising damage from unwanted effects.”

Responses to the RFI will be used to develop a sourcing strategy for RBNZ’s requirements by determining the range of possible solutions, technologies and goods or services available, possible costs and a better understanding of the suppliers in the market.

"We are seeking your input to understand existing services and systems, to help inform our business case and to plan our formal tender approach to the market," it said.

The bank added that information from the RFI will not be used to appoint or shortlist for appointment a preferred supplier, nor to confer any advantage or disadvantage on any party who responds or does not make a respond.

In 2017, the bank considered introducing more prescriptive cyber security requirements for the financial and banking sector it regulates, but opted not to.

“We doubt that prescriptive regulations would appreciably improve the outcome, when the technology and threat landscape are both changing so rapidly," Reserve Bank head of prudential supervision Toby Fiennes warned in a speech in Auckland. "We will, however, review this policy stance from time-to-time to ensure that it remains appropriate."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Financial ServicesReserve Bank

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments