Cyber Security Unit
|Name & Designation||Telephone||Fax|
|Md. Mehedi HasanChief Information Security Officer||880-2-9530624||--|
Cyber Security Unit (CSU) was formed in Bangladesh Bank in July 2020.The activities of the said unit started from May 2020 with the joining of Md. Mehedi Hasan was designated by Chief Information Security Officer (CISO) as the head of CSU, Bangladesh Bank.
Functions of CSU:
- Design and implement BB’s information security infrastructure to monitor IT installations and systems for detection and prevention of unauthorized access and use; steering to completion of BB's ongoing cyber security strengthening program and conduct annual reviews thereof to identify, access and coordinate remediation of weaknesses in BB’s IT security systems.
- Take necessary steps in areas of Security Engineering (SE), Security Threat and Vulnerability Management (STVM), Information Security Operations Center (ISOC), Security Information and Event Management (SIEM), Financial Sector wide Critical Incident Response Team (CIRT) and Cyber Security Intelligence (CSI), putting in place adequate documented processes, procedures and internal technical controls in all these areas.
- Assess knowledge/skill enhancement needs for staff in the new CSU, set up appropriate training routines of cyber security capacity building with up-to-date understanding of emerging trends in information security technology.
- Ensure BB’s response-preparedness to IT security incidents through development and regular exercise of incidence response and procedures, forecast leadership skills in getting things done in inter-departmental/inter-agency team environments.
- Foster and facilitate a cyber security risk aware culture among all staffers in BB offices and departments and ensure effective, efficient and balanced protection of all BB information assets.
- Develop security standards for IT platform in conformance with BB’s IT architecture, risk profile and policy requirements.
- Interface with business units and IT stakeholders in identifying requirements and assess their applicability to BB's IT infrastructure.
- Identify efficiencies to improve the performance and responsiveness of BB’s security work programs.
- Review and offer suggestions on setting the technical requirements in procurements of IT equipments/consumables in conformance with BB’s information security architecture and risk profile.
- Design short-term and long-term security policy and implementation plan for BB.
- Take necessary measure to upgrade and maintain security infrastructure of BB according to the implementation plan.
- Assist in arrangement of regular security testing on the ICT infrastructure of BB, audit existing systems and provide comprehensive risk assessments.
- Ensure regular review of logs of user activities in order to recognize suspicious behavior.
- To design automatic (machine learning based) monitoring and financial fraud detection policy.
- Design monitoring plan of the implementation process of security policy by Banks and NBFI's of Bangladesh.
- Guide Banks and NBFI’s of Bangladesh to take appropriate preventive measures in case of any security threat/incident at any of the financial institute in Bangladesh or relevant organization abroad.
- Facilitate security awareness program for all employees of the bank at regular interval.
- Prepare a team for digital forensic investigation to investigate any incident.
- Assist to integrate IT systems for development with security policies and information protection strategies.
- Collaborate with key stakeholders to establish an IT security risk management program.
- Anticipate new security threats and stay-up-to-date with evolving infrastructures.