Results of the Cybersecurity Self-Assessment for Regional Financial Institutions (FY2022)
October 19, 2023
Financial System and Bank Examination Department, Bank of Japan
Strategy Development and Management Bureau, Financial Services Agency
With cyberattacks increasing, the development of cybersecurity management frameworks and ensuring of their effectiveness have come to be recognized as significant challenges. Against this background, the BOJ and the FSA developed a tool for conducting a self-assessment of cybersecurity management frameworks, with which individual financial institutions are to identify their own positions in comparison with other financial institutions and also identify areas of their own challenges. The BOJ and the FSA requested regional financial institutions (99 regional banks, 254 shinkin banks, and 145 shinkumi banks) to conduct cybersecurity self-assessment using the tool for the first time and then fed back the overall results to them.
The results found that many of the regional financial institutions consider ensuring cybersecurity to be an important management issue and are making efforts to enhance the effectiveness of their cybersecurity controls, such as conducting exercises based on contingency plans, in addition to developing relevant frameworks and taking technological controls. On the other hand, the results also found that they have challenges in securing and fostering cybersecurity human resources and managing third-party risks.
The BOJ and the FSA expect that regional financial institutions will fully utilize CSSA in their efforts for further strengthening their cybersecurity management frameworks, and will support those efforts through conducting inspections/examinations, monitoring and various seminars.
Please contact the Financial System and Bank Examination Department at the e-mail address below to request permission in advance when reproducing or copying the contents of this Report for commercial purposes.
Please credit the source when quoting, reproducing, or copying the contents of this Report for non-commercial purposes.
Examination Planning Division, Financial System and Bank Examination Department
E-mail : firstname.lastname@example.org