BSP Recommends Stronger Email Cybersecurity

The Bangko Sentral ng Pilipinas (BSP) has given recommendations for all the supervised financial institutions (BSFIs) to strengthen email security controls to properly block consistent cyber threats such as business email compromise (BEC), spam, phishing, ransomware, and other malware attacks.

In Memorandum No. M-2022-043, signed by BSP Deputy Governor Chuchi G. Fonacier. The BSP is looking at adopting six recommendations for “robust and layered security controls” and best practices of the industry as indicated by existing BSP rules and regulations regarding cybersecurity.

To strengthen email security, Deputy Governor Fonacier has mentioned that BSFIs should take on best practices and security controls in ensuring the safety of both outgoing and incoming emails.

Aside from this, Deputy Governor Fonacier has said that BSFIs are asked to report any large-scale email-related cyber incidents and crimes to the BSP. This is in line with the BSP’s rules on event-driven reports and notifications (EDRN) and reports on crimes and losses (RCL).

“In certain instances, BSFIs may need to seek assistance and cooperate with appropriate law enforcement authorities for prompt resolution of cybercrime cases, especially if cases involve public safety and security, pursuant to the Cybercrime Prevention Act of 2012 and other relevant laws and regulations,” Deputy Governor Fonacier said.

According to her, emails are one of the primary authentication and verification channels used by banks, financial, or e-payment accounts in giving electronic payments and financial services (EPFS).

She adds that “Given the central role of email in digital communications, cyber threats ranging from spam, phishing, ransomware and other malware attacks targeting email platforms and communications continue to confront BSFIs,”

Source: Manila Bulletin