Training and Awareness
OM-5.5.54
Conventional bank licensees must evaluate improvement in the level of awareness and preparedness to deal with cyber security risk to ensure the effectiveness of the training programmes implemented.Added: July 2021OM-5.5.55
The
licensee must ensure that all employees receive adequate training on a regular basis, in relation to cyber security and the threats they could encounter, such as through testing employee reactions to simulated cyber attack scenarios. All relevant employees must be informed on the current cyber security breaches and threats. Additional training should be provided to ‘higher risk staff’.Added: July 2021OM-5.5.56
The
conventional bank licensees must ensure that role specific cyber security training is provided on a regular basis to relevant staff including:(a) Executive board and senior management;(b) Cyber security roles;(c) IT staff; and(d) Any high-risk staff as determined by thelicensee .Added: July 2021
