Ciekawe spojrzenie na #cybersecurity saudyjskiego sektora finansowego. Generalnie w duchu Rekomendacji D KNF ;-) ale są pewne różnice od akceptacji prywatnych urządzeń BYOD, "nakaz" wdrożenia 24h SOC czy inne ciekawostki:
9. The Member Organization should :
a. ensure the CISO has a Saudi nationality;
10. The board of the Member Organization should allocate sufficient budget to execute the required cyber security activities.
6. The cyber security awareness program should be evaluated to:
a. measure the effectiveness of the awareness activities;
b. formulate recommendations to improve the cyber security awareness program
https://www.sama.gov.sa/en-US/Laws/BankingRules/SAMA%20Cyber%20Security%20Framework.pdf