RBNZ proposes collecting more financial entity data on cyber incidents

WELLINGTON (Reuters) – The Reserve Bank of New Zealand is proposing collecting financial entity data on cyber incidents to better understand cyber risks and resilience in the financial sector, it said in a statement on Monday.

    The central bank said it is proposing introducing mandatory reporting of material cyber incidents with 72 hours of detection, reporting of all cyber incidents periodically even if they are not material, and a regular survey on cyber resilience.


    The central bank is currently seeking feedback on the proposal before deciding whether to implement the new rules.

RBNZ Director of Prudential Policy Kate Le Quesne said collection of this information will improve the bank’s understanding of cyber resilience in the financial sector.

(Reporting by Lucy Craymer; Editing by Christopher Cushing)