MFSA publishes guidance notes on cybersecurity after consultation with key stakeholders

Following the publication of the MFSA Guidance Notes on Cybersecurity – Consultation Document, the MFSA has finalised its Guidance Notes on Cybersecurity as a minimum set of best practices and risk management procedures to be followed in order to effectively mitigate cyber risks.

The key points identified by respondents were as follows:

Positive Feedback

The proposed Guidance Notes on Cybersecurity was positively received, with respondents noting that the document is very thorough and gives a very good overview of all cybersecurity practices.

Ongoing monitoring

Overall feedback indicates that proactive monitoring ought to be more emphasised as it is a pivotal element required to ensure that systems and networks are safeguarded in real-time through intrusion detection measures which prompt alerts of any cyber threats.

Data Loss Prevention framework

Respondents emphasised that a Data Loss Prevention framework would be beneficial in tracking any movement of confidential data through and out of the organisation in order to detect and flag any unauthorised disclosure of such data.

Preventing critical lock out scenarios

Respondents emphasised on the effectiveness of a privileged access management policy in order to mitigate against critical lock out scenarios.

The Authority has welcomed the feedback received and subsequently amended the Guidance Notes on Cybersecurity to incorporate the above mentioned key points identified by respondents.