InfoSecBulletin Cybersecurity for mankind
Banks and financial institutions are undergoing rapid digital transformation, which has improved customer services. However, this shift has also increased cyber threats and vulnerabilities. As a result, cyber resilience is crucial to protect financial systems.
Bangladesh Bank, in its role as a regulator, has unveiled a Cyber Security Framework V- 1.0 specifically tailored for banks and financial institutions under its jurisdiction. This initiative aims to enhance cyber security governance and fortify defenses against cyber threats. The framework is structured around five essential pillars of the NIST Cyber Security Framework: Identify, Protect, Detect, Respond, and Recover.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
It controls primarily draw from ISO 27001, national ICT Security Policies, and ICT Security Guidelines for Banks and NBFIs, along with other recognized international standards. It’s important to note that this framework establishes baseline cyber security standards and controls intended to meet the minimum safeguarding requirements against cyber threats.
This framework is applicable to banks, non-bank financial institutions (NBFIs), mobile financial service providers (MFSPs), payment service providers (PSPs), payment system operators (PSOs), and other financial service organizations. These entities will collectively be referred to as “The Organization.”
The objectives of this framework are to establish a minimum baseline for management of Cyber Security in the Organization based on the following key areas to:
a) Protecting Financial Stability
b) Detecting and Responding to Cyber Threats
c) Create a common approach for addressing cyber security;
d) Achieve an appropriate maturity level of cyber security practices;
e) Define roles and responsibilities of relevant parties;
f) Address Cyber Security practices with due diligence;
g) Ensure security and privacy requirements;
h) Develop stakeholders‘ awareness to protect information in cyber environment;
i) Ensure a secure environment for data processing;
j) Ensure best practices (industry standard) of the usage of technology.
k) Building a Cyber security Culture
Bangladesh Bank has taken the initiative to accept any suggestions to enrich the “Cyber Security Framework for Banks and Non-Bank Financial Institutions” version 1.0 draft.
The prepared draft framework has already been uploaded on Bangladesh Bank website https://www.bb.org.bd/en/index.php/about/draftguide.
Anyone can suggest any through e-mails at ([email protected] and [email protected]) by 08/10/2024.
