19 December 2016 — DFSA Hosts Outreach Event on Cyber Risks

Click herehere to view PDF.

Dubai, UAE, 19 December 2016: The Dubai Financial Services Authority (DFSA) hosted an outreach event last week for its regulated community and other stakeholders to discuss known and emerging cyber risks and trends, and the steps that should be taken to prevent, detect and respond to them.

It was acknowledged that globally, cyber-attacks are increasing in scale and sophistication from highly organised groups of hackers with malicious intent. The DFSA expects its regulated firms not only to look at their own arrangements but also to assess the cyber security arrangements of third-party providers to which they outsource key functions.

The event was opened by Mr Ian Johnston, Chief Executive of the DFSA, who provided an overview of the current challenges being addressed by international standard-setting bodies, regulators and financial institutions. Mr. Johnston pointed out the global growth of FinTech and the concentrated efforts on addressing cyber risks as apriority on their agendas.

Mr Johnston highlighted that: "Cyber threats are growing in sophistication. Most businesses across all industries, regardless of their location or size, now rely on digital technology. While the use of technology, and FinTech innovation in the finance sector, drives efficiency and development, it can also increase vulnerability to cyber-attacks in the UAE and around the world".

A number of cyber risk specialists spoke at the event including; Mr Mohammed Nader Fikri, Monitoring Incident Handling and Response Analyst at the Telecommunication Regulatory Authority Computer Emergency Response Team (aeCERT), Mr Stuart Paterson, Partner at Herbert Smith Freehills, Mr Darren Mullins, Director Forensic Technology at Deloitte, Mr Hamid Qureshi, Territory Sales Manager at Thales E-Security, and Mr Oliver Fairbank, Senior Analyst, Cyber Threat Intelligence from Control Risks.

The discussions highlighted that cyber risks pose a serious and persistent threat to all financial institutions and to the resilience of the financial system.

Mr Bryan Stirewalt, Managing Director, Supervision at the DFSA said that: "Cyber security is now a risk that must be considered at Board level with day-today responsibility allocated to a member of senior management. Boards of directors and senior management need to focus on prevention and detection measures, while planning and rehearsing their responses".

In his closing remarks Mr Stirewalt, referring to the importance of collaboration between the DFSA, DIFC, and UAE Cyber Agencies such as aeCERT, and Authorised Firms, said: "Open, honest and frequent communication is critical to getting this right, and today we are embarking on the first of many steps."

The outreach session primarily targeted DIFC companies and was attended by senior management as well as compliance, risk and IT professionals.

— Ends —

For further information please contact:
Kaja Mohaisen
Corporate Communications
Dubai Financial Services Authority
Level 13, The Gate, West Wing
Dubai, UAE
Tel: +971 (0)4 362 1662

Editor's notes:

The Dubai Financial Services Authority (DFSA) is the independent regulator of financial services conducted in or from the Dubai International Financial Centre (DIFC), a purpose-built financial free-zone in Dubai. The DFSA's regulatory mandate covers asset management, banking and credit services, securities, collective investment funds, custody and trust services, commodities futures trading, Islamic finance, insurance, an international equities exchange and an international commodities derivatives exchange. In addition to regulating financial and ancillary services, the DFSA is responsible for supervising and enforcing Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) requirements applicable in the DIFC. The DFSA also exercises delegated enforcement powers under the DIFC Companies Law. These include powers to investigate the affairs of DIFC companies and partnerships where a material breach of DIFC Companies Law is suspected and to pursue enforcement remedies available to the Registrar of Companies (Roc).

Ian Johnston was appointed as Chief Executive of the DFSA in June 2012. Ian joined the DFSA in November 2006, as a Managing Director, to head the Policy and Legal Services Division.

Ian was admitted to practice Law in Australia in the early 1980s and has spent most of his career in the private sector. He held a number of senior positions within the financial sector and was CEO of one of Australia's major Trustee Companies. During that time, Ian played a leading role in the Trustee industry and served on the National Council of the Trustee Corporations Association.

In 1999, Ian joined the Australian Securities and Investments Commission where he held the position of Executive Director, Financial Services regulation, and spent several terms as an acting Commissioner. In 2005, Ian took up a position with the Hong Kong Securities and Futures Commission as a Special Advisor.

Ian is a past Chairman of the Joint Forum, which comprise representatives of the major international regulatory standard-setters (IOSCO, IAIS and the Basel Committee). In August 2016, he was re-elected to IOSCO's Growth and Emerging Markets Steering Committee, a position he has held since 2013. He is also a member of the Financial Stability and Technical Committee (FSTC) of the IAIS, the global standard-setting body for insurance regulation, and was a member of the Board of Directors of the Financial Planning Standards Board (from Jan 2011 — Mar 2016).