Eight Kuwaiti banks have obtained the ISO 27001 2013: 27001 certification for information security management systems, said Kuwait’s Central Bank in a statement.
The Central Bank said achieving the certification is a result of keenness to develop the banking business in Kuwait in accordance with the best international standards and in light of the need to achieve the highest levels of efficiency in information security management systems.
The certificate also comes to enhance work efficiency and safety measures for the applied controls, policies and procedures within the framework of the cyber-security requirements set by the Central Bank for the units of the Kuwaiti banking system.
Providing requirements
The Central Bank said this standard is considered one of the most prominent international standards that regulate building policies and procedures for information security.
Applying these standers would enhance the protection of data and information centers in the banking sector.
The Central Bank said the application of this standard contributes to developing and monitoring the applied protection systems by studying them, evaluating their importance, assessing expected risks, and providing technical or operational solutions that contribute to managing risks effectively and efficiently.
The statement noted that Kuwaiti banks that did not obtain the certificate are working to fulfill the requirements of the certificate.
The Central Bank said the banks have fulfilled the requirements of this certificate, namely: National Bank of Kuwait, Kuwait Finance House, Burgan Bank, Commercial Bank, Boubyan Bank, Al Ahli Bank of Kuwait, Ahli United Bank and Kuwait International Bank.
The banks obtained the certificate had previously obtained this certificate before, and recently renewed it.
An institution’s obtaining of the global standard for information security management (ISO / IEC 27001) certificate proves the strength of its information security system.
Most organizations have several information security controls, however, the lack of an Information Security Management System (ISMS), makes these controls disorganized and somewhat interconnected.
Therefore, obtaining this certificate will increase the confidence of their customers and will open new job opportunities for them.
Related:
