Cyber ​​Security and the Financial Market

With the development of the Saudi market and emergence of its economic arms, after the launch of the the Kingdom Vision.

A Great emphasis was placed on enhancing the principles of transparency and security, that would ensure the continuity of market operations and achieve stability.

Cyber security is considered one of the most important foundations of the market today, in light of the transition of its implementation mechanisms, to various technology means and platforms that serve the investor, at  home without the need for the intervention of representatives of financial institutions, like previously done.

For this reason, a guide has been issued by the Capital Market Authority (CMA) that deals with achieving cyber security for financial market institutions and avoiding any risks related to the market.

Based on best international and local practices and standards, this suggestive guidance addressed the most essential controls connected to cybersecurity applications, in financial market institutions that are subject to the CMA oversight. I was intrigued by the recommendations made in this book, including the creation of a cybersecurity department, within a licensed financial institution, given that all types of assistance are offered to these departments, such as an acceptable budget. A specialized department managed by this country’s cadres, who excelled in the field of cyber security is looking forward to receiving enough assistance and qualification to help preserve market norms.

In addition to this department, the guide recommended forming a cybersecurity committee, that to report directly to the CEO, as long as the work lists for these committees and departments are prepared and updated on a regular basis, to ensure being up to date with the latest developments in the sector, which are fast-paced around the clock.

Part of the aforementioned labor regulations dealt with data protection, a topic that has occupied the Kingdom in recent weeks, with the adoption of a new personal data protection system, which identified the areas of this data, such as identifying data owners, data managers, business and operating procedures, systems applications, practices, and standards, among other things. Defining a sufficient and adequate system to analyze the level and sensitivity of this data protection, as well as updating the levels of protection, in proportion to updates, factors, and even threats, is perhaps the most visible change that can be directly related to data protection.

The CMA has made numerous efforts to educate investors and financial institutions.

However, in my opinion, it lacks substantial advertising that allows everyone to access it through multiple platforms, in addition to simplify its language, so that it would easily be understood by all those interested.

Because the existing guides are jam-packed with useful information and novel concepts, they will significantly improve the investor and institutional experience.