With regional cyber threats on the rise, CBCS Strengthens defenses

GREAT BAY--The Centrale Bank van Curaçao en Sint Maarten (CBCS) has outlined its ongoing efforts to manage fraud risk and strengthen cybersecurity in its 2024 Annual Report. The report highlights the actions taken by the Bank in response to growing cyber threats affecting financial institutions across the Caribbean.

In 2024, the CBCS conducted a fraud risk assessment to identify inherent risks and evaluate existing control measures. The assessment concluded that no identified fraud risks were left without adequate controls. The Bank indicated that any signs of fraud are addressed immediately, with corrective action taken if needed.

The report also outlines the CBCS’s approach to information risk management. In line with its security policy, the Bank continued to focus on maintaining the confidentiality, integrity, and availability of its systems. Internal directives were developed to guide the responsible use of technologies, including artificial intelligence, while existing policies and procedures were updated as scheduled.

The Bank maintained an internal training program aimed at increasing awareness of phishing and other cyber threats. Simulated phishing exercises and other training activities were conducted throughout the year, with content revised to reflect changes in threat behavior.

To manage risks associated with third-party access, the CBCS implemented screening procedures for external entities connected to its digital environment. The Bank also continued monitoring its systems, conducting penetration testing, and using tools such as Data Loss Prevention software to identify and respond to potential threats.

The CBCS engaged in discussions with regional and international institutions to exchange information on threats, vulnerabilities, and response methods. This included a workshop attended by representatives from eleven CARICOM central banks. Topics covered included the application of artificial intelligence and measures to strengthen cyber resilience.

The Bank’s Cyber Security Roadmap (2023–2025) remained in progress throughout the year. The strategy includes the following key initiatives:

• Expanding cybersecurity staffing and defining roles within the security framework

• Enhancing the Vulnerability Management Program to identify and address system weaknesses

• Implementing Enterprise Identity and Access Management protocols

• Improving disaster recovery procedures and conducting relevant training

• Updating security policies to reflect new risks and standards

• Advancing threat detection and response capabilities

• Refining incident response plans to limit service disruptions

The CBCS also stated that its future cybersecurity planning includes the integration of artificial intelligence and machine learning. The intended use includes automating threat detection, response, and recovery, improving predictive analytics, and maintaining engagement with industry stakeholders to monitor new developments in cybersecurity.

The CBCS has stated that its activities in this area are intended to support the continuity and reliability of financial operations within its jurisdiction and to contribute to broader efforts across the region.

‍