“The Bank accepts the findings and has implemented, and will continue to implement, the recommendations,” stated Reserve Bank Governor Adrian Orr.
“As signalled in our Statements of Intent, we are well advanced on multiyear investment initiatives related to our digital systems and data management. We have prioritized these initiatives consistent with the recommendations outlined in the reports".
On December 25, 2020, the Reserve Bank became the target of a cyber-attack on the third-party application it utilizes to exchange and store information. Following that, KPMG was appointed to conduct an independent investigation into the bank's rapid response to the security incident and identify areas where the bank's systems and processes may improve.
He also stated that, despite being the victim of a massive illegal attack on the file-sharing system, the Reserve Bank accepts complete responsibility for the inadequacies in the KPMG report.
“We were over-reliant on Accellion – the supplier of the file transfer application (FTA) – to alert us to any vulnerabilities in their system. In this instance, their notifications to us did not leave their system and hence did not reach the Reserve Bank in advance of the breach. We received no advance warning".
As per KPMG, the bank's controls and processes need to be enhanced, which is now being done. If these procedures had been in place at the time of the unlawful breach, the damage would have been lessened.
Background
In late 2020, the Bank recruited Deloitte to conduct an independent investig ..
Support the originator by clicking the read the rest link below.
