Description Our Response Future Priorities Risks and Opportunities The growing adoption of disruptive technologies is transforming financial ecosystems, driving greater efficiency and innovation. However, this also expands the threat landscape, equipping attackers with increasingly sophisticated tools and new ways to exploit vulnerabilities. As digital banking accelerates, risks such as data breaches, fraud, and system disruptions are placing financial institutions under increasing regulatory scrutiny. To stay ahead, these institutions must take a proactive stance by securing their digital ecosystems, adapting to emerging risks, and strengthening resilience in the face of evolving cyber threats to preserve customer trust. • Adopted the Zero Trust Framework as a key component of our Cybersecurity Roadmap and Blueprint to enhance our overall cyber resilience and strengthen protection against evolving threats. • Reinforced our security posture by investing in new technologies and upgrading our solutions to strengthen our defence ecosystem against emerging cyber threats. • Conducted extensive assessments, including vulnerability assessments, penetration testing, and security baseline reviews, to proactively detect threats, address vulnerabilities, and enhance our cyber resilience. • Enhanced our frameworks, policies, and guidelines in alignment with the latest regulatory requirements and best practices, including the Group Cyber Resilience Framework, Group Technology and Cyber Risk Policy, Group Cybersecurity Testing Guideline, and Group Digital Security Key Management Guideline. • Enhanced and tested the Group Cyber Incident Response Plan to ensure it effectively addresses evolving threats and enables a rapid, coordinated response to cyber incidents. • Strengthened the Group’s detection and response capabilities through exercises such as red teaming, cyber drills, and compromise assessments, rigorously testing incident response processes against emerging threats. • Implemented targeted security awareness initiatives, including infographics, e-learning modules, phishing simulations, and training sessions, to promote vigilance against evolving cyber threats. • Strengthening our security posture with a Zero Trust approach and adaptive security controls to enhance resilience against evolving threats. • Investing in cutting-edge technologies to fortify our defences, enhance threat detection and response, and proactively mitigate emerging cyber risks. • Driving a security-first culture through sustained awareness efforts that enhance vigilance, reinforce proactive risk management, and embed security best practices into our processes. Risks • Disruptions from cyber incidents that could impact our banking services, reputation, and customer trust. • Greater liability risks with stricter regulations holding banks more accountable for data breaches and security lapses. Opportunities • Enhancing our banking services through integrated security innovations that enable a smooth, uninterrupted, and secure banking experience. • Building customer confidence by demonstrating a strong commitment to data privacy and security. HEIGHTENED CYBERSECURITY CONCERNS Key Alignments Capitals FC IN Stakeholders CU GR Material Matters CX GGC DPS Strategies SR IV SP CC D VBC 49 w w w . b a n k i s l a m. c o m 01 02 03 04 MD&A – STRATEGIC REVIEW 05 06 07 08 09
RkJQdWJsaXNoZXIy NDgzMzc=