Menu
Reserve Bank aims to improve cyber security posture

Reserve Bank aims to improve cyber security posture

Request for information issued in bid to increase security defences

The Reserve Bank wants to up its security game

The Reserve Bank wants to up its security game

Credit: Reuters

The Reserve Bank is exploring the security operations centre (SOC) and security management services market to lift its capabilities.

The central bank said it has an existing internal security incident event management (SIEM) and SOC capability, but adds there are improvements to that capability that would benefit the security posture of the bank.

"RBNZ believes that the supplier market may be able provide an uplift in security capabilities, that provides contextual alerting and management of incidents; in a broader and more sophisticated manner than the current in-house implementation," it said in a request for information (RFI) posted this week.

"Given RBNZ’s existing technology investments we want to understand how suppliers may leverage both our existing tooling, and supplier technology, to ensure that maximum benefits are achieved from the implementation of SIEM type products."

The bank also wants to understand how such a service would interface with existing people and processes effectively.

RBNZ defines a SOC as: “a combination of people, processes and technology protecting the information systems of an organisation through: proactive design and configuration, ongoing monitoring of system state, detection of unintended actions or undesirable state, and minimising damage from unwanted effects.”

Responses to the RFI will be used to develop a sourcing strategy for RBNZ’s requirements by determining the range of possible solutions, technologies and goods or services available, possible costs and a better understanding of the suppliers in the market.

"We are seeking your input to understand existing services and systems, to help inform our business case and to plan our formal tender approach to the market," it said.

The bank added that information from the RFI will not be used to appoint or shortlist for appointment a preferred supplier, nor to confer any advantage or disadvantage on any party who responds or does not make a respond.

In 2017, the bank considered introducing more prescriptive cyber security requirements for the financial and banking sector it regulates, but opted not to.

“We doubt that prescriptive regulations would appreciably improve the outcome, when the technology and threat landscape are both changing so rapidly," Reserve Bank head of prudential supervision Toby Fiennes warned in a speech in Auckland. "We will, however, review this policy stance from time-to-time to ensure that it remains appropriate."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentFinancial ServicesReserve Bank

Featured

Slideshows

EDGE 2019: Thought leaders share how to build a channel of the future

EDGE 2019: Thought leaders share how to build a channel of the future

Day 2 of EDGE was opened by in-depth research from TRA's Tim Dillon, which outlined the partner view on the channel's future. The following day saw Forrester's Jay McBain and Odgers Berndtson's Tim Sleep conclude the keynote line-up, while HPE and Cisco rounded off the thought leadership.

EDGE 2019: Thought leaders share how to build a channel of the future
Tech credentials on show during Ingram Micro One APAC

Tech credentials on show during Ingram Micro One APAC

Ingram Micro outlined the key technologies for future channel growth on the second day of Ingram Micro One APAC in Singapore, in front of more than 1300 business leaders.

Tech credentials on show during Ingram Micro One APAC
Show Comments