ictQATAR Hosts Conference on Information Security and Risks for the Financial Sector

Financial institutions in Qatar and around the world have always been the target of a variety of criminal and fraudulent activities, and in today’s digital age, cyber-attacks are a regular threat.

The Supreme Council of Information and Communication Technology (ictQATAR), through its Qatar Computer Emergency Response Team (Q-CERT), recently hosted fin.INFOSEC, a conference that shared the latest challenges and trends in information security and risks faced by the finance sector to help organizations in Qatar better manage cyber threats.

“The finance sector has wisely embraced the benefits of technology to enhance their customer services, increase efficiency and better secure their information. While the benefits of technology are unquestionable, they also create new opportunities and channels for criminal activities, such as hacking, data breaches and consumer scams. This conference is an extension of ictQATAR’s ongoing work to ensure all sectors in Qatar are aware of the latest cyber threats and prepared to manage them effectively. We developed the Financial Sector Information Risk Expert Committee to address these issues in a collective manner and have been very pleased by the collaboration between the public and private financial stakeholders,” said Khalid Al-Hashimi, ictQATAR Executive Director of Cyber Security.

fin.INFOSEC featured speakers from the Netherlands Centre for the Protection of National Infrastructure, Krebsonsecurity.com, IBQ, Cyber Security Malaysia, the European ATM Security Team (EAST) and ictQATAR. Speakers addressed issues such as new cyber-criminal methods, the benefits of public-private partnerships to address cybercrime, new technical solutions to better protect critical systems, and shaping a national roadmap for cyber security.

In speaking at the conference, EAST Chairman Lachlan Gunn used credit cards as an example of how individuals also play a major role in cyber security, not just big organizations. “The security of payment cards is not just the responsibility of card issuers, card schemes or card acquirers - every cardholder has a part to play too. Whenever we enter our PIN at an ATM or payment terminal, we should cover it. Your PIN is your responsibility. Protect it,” he said.

The conference supports the work being done by Qatar’s Financial Sector Information Risk Expert Committee (FS-IREC), which is a public private partnership based group comprised of regulators, operators and owners working within the financial services sector in Qatar. The FS-IREC collectively addresses topics such as identification of risks in the finance sector, sector critical infrastructures, sector crisis management, standards & best practice, training and awareness, and areas for research and development. FS-IREC recently developed a set of security standards for Qatar’s financial institutions, which are being implemented by banks and financial institutions across the country. ictQATAR, through its Q-CERT program, initiates similar working groups in other sectors as well,(such as the Energy Sector).

ictQATAR established Q-CERT in 2005 to proactively address cyber security in the country. Q-CERT has been constantly working at building resilience into the critical information infrastructure of Qatar. Q-CERT has become the national beacon to address the nation’s information security needs, safe-guarding people and technology through secure practices, standard policies, emphasizing risk mitigation and disseminating information. As first responders to critical cyber incidents at the national level, Q-CERT helps coordinate threat and vulnerability reporting, incident response, and measures to improve security.