Country
Bangladesh

Source
Radio Interview with Prabeer Sardar (CEO of Dhaka distributions)

Title
State of Cy Sec in Bangladesh (banking)

About
Gov has made steps on Cy Sec, mainly focusing on public not on financial sector. Private sector, including banks, are tackling things on their own, no disclosure of incident facts. reporting breaches is not yet mandatory. Financial sector - no central forum or platform to share knowledge, Cy Sec very much still in the designing stage, banks are working on own. Recently come out of end point security stage and only now talking about SOCs, privilege access management and log management. Many banks are still in the discussion phase or early implementation phase of rolling out the necessary security technologies. Still at fundamental level. Banks are looking at SOCs - biggest problem in BD is lack of skill sets, qualified expert people who can operate the SOCs. Infrastructure needed for SOCs has not been built yet. None of Banks have SOC in that sense, maybe 1 or 2, they are working on it but in a very unorganised way.

Key findings
Recommendations for banks: Setting up a SOC as a compliance tick is not enough. First, investment needs to be in the developing of a skilled workforce, specialised teams, experts. Existing legacy staff aren’t enough. Have to think about getting those experts onboard. Better to have a collective effort so expertise can be shared and to build up level of expertise. Be openminded. Not going to happen overnight. Infrastructure itself is still weak. Technology and integration has to be on a open minded platform. Need a team to evaluate the technology & software they are buying. Cannot be a vendor driven activity, they have to be capable on what they are buying. If not in-house, then they have to take assistance from specialist (either local or international)

Website
https://www.bankinfosecurity.asia/interviews/cybersecurity-challenges-for-banks-in-bangladesh-i-4599