guidance

DFSA Cyber Risk Management Guidelines

Issuing body: DFSA
Country: UAE
Region: DIFC
Tags: cyber risk management, cybersecurity, incident response, governance

The DFSA Cyber Risk Management Guidelines provide best practices for firms to establish a robust cyber risk management framework and strengthen system security, reliability, resiliency, and recoverability. These guidelines are principle-based and encourage firms to implement a framework consistent with the G7 Fundamental Elements of Cybersecurity for the Financial Sector. The DFSA will consider these guidelines in future risk assessments.

Key requirements
  • Implement a cyber risk management framework tailored to the Firm’s size, complexity, and risk appetite.
  • Establish cyber risk identification and assessment capabilities.
  • Implement continuous monitoring and detection capabilities.
  • Develop a cyber incident response plan.
Applies to: Firms operating within the Dubai International Financial Centre (DIFC)
AI-generated summaries only. Arabic originals are legally binding. This is not legal advice.