By Eric Frykberg The Reserve Bank (RBNZ) is moving forward with steps to boost its oversight of cyber security at financial institutions.  These include proposals for mandatory reporting of all material cyber security incidents to the Reserve Bank (RBNZ) within 72 hours.  The institutions that would have to comply would be registered banks, non-bank deposit takers, licensed insurers and designated financial market infrastructure services.  The RBNZ defines a material cyber incident as; "one which materially affected, or had the potential to materially affect, financially or non-financially, the entity or the interests of its stakeholders such as depositors, policyholders, beneficiaries, other customers, system participants, or more broadly raises prudential concerns.

https://www.interest.co.nz/banking/121115/reserve-bank-moves-bolster-its-understanding-cyber-resilience-financial-sector

#interest