A new regulation regarding the minimal information security and cybersecurity requirements for commercial banks in Uzbekistan has been registered with the Ministry of Justice. According to the regulation, banks and their branches must establish a separate service to ensure information security and cybersecurity. The main goal of this service is to protect the bank’s information assets, prevent unauthorized changes to payment data, and avoid harm to the bank or its customers.
Banks are required to develop and adopt internal policies regarding information security, and ensure that their database settings are properly configured. These measures will strengthen the bank's information security and help prevent cyberattacks and other threats.
In addition, banks must take steps to prevent the following risks:
-
Unauthorized access to the database;
-
Gaining administrator and user passwords;
-
Unauthorized access to the system files of the database;
-
Installation of malicious software;
-
Remote attacks on the database and server.
Electronic logs of firewalls and proxy servers will be continuously analyzed by the service. If an external attack is detected, the Central Bank will be immediately notified. These measures are aimed at strengthening the information security of banks and improving the quality of customer service.
Read 'Zamin' on Telegram!
