{"id":8874,"date":"2022-07-27T11:57:14","date_gmt":"2022-07-27T11:57:14","guid":{"rendered":"https:\/\/newcbl.demo.ly\/en\/?page_id=8874"},"modified":"2023-07-16T07:31:20","modified_gmt":"2023-07-16T07:31:20","slug":"information-security-policy","status":"publish","type":"page","link":"https:\/\/cbl.gov.ly\/en\/information-security-policy\/","title":{"rendered":"Information Security Policy"},"content":{"rendered":"<div>Information is one of the most important elements of business management at the Central Bank of Libya. Information systems, databases, and communication networks of the world have become the basis for the banking sector from the industrial age to the new current age of technology. Information security is at the core of the Central Bank which plays an important role in the protection of assets, interests and information. Initiated by the Governor of the Central Bank of Libya in 2008, the CBL has adopted a plan based on international standards to upgrade the protection of privacy information and assets using technical and human resources.<\/p>\n<\/div>\n<h2>The terms of the security plan consists of the following:<\/p>\n<\/h2>\n<ul>\n<li>\n<h3>Item No. 1<\/h3>\n<p>Information security concerning employees, managers, and contractors<\/p>\n<div>To determine the responsibilities and duties towards information security concerning employees, managers, and contractors.\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 2<\/h3>\n<p>Classification of the assets of the bank <\/p>\n<div>Classification of the assets of the bank and determine the required levels of protection using international standards. Item No.\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 3<\/h3>\n<p>Upgrade security access to bank facilities<\/p>\n<div> Implement additional security protocols of entry and access to bank facilities, including sensitive equipment, information  systems and databases.<\/div>\n<\/li>\n<li>\n<h3>Item No. 4<\/h3>\n<p>Password Management<\/p>\n<div>The establishment of the passwords and other security related responsibilities.<\/div>\n<\/li>\n<li>\n<h3>Item No. 5<\/h3>\n<p>Physical and environmental security<\/p>\n<div>Identifying facilities to protect and prevent unauthorized access, information theft, equipment theft and disruption of work or eavesdropping. Also, protecting infrastructure equipment such as fire equipment and air conditioners.<\/div>\n<\/li>\n<li>\n<h3>Item No. 6<\/h3>\n<p>E-Mail Security<\/p>\n<div>The establishment of protocols to protect E-mails and databases. Email is the largest distributor of viruses and spam which needs mechanisms and procedures to make sure data is not corrupted or stolen. Item No.<\/div>\n<\/li>\n<li>\n<h3>Item No. 7<\/h3>\n<p>Upgrade Encryption<\/p>\n<div>Introduction of mechanisms to reduce human error, theft, embezzlement and corruption.<\/div>\n<\/li>\n<li>\n<h3>Item No. 8<\/h3>\n<p>Upgrade Encryption<\/p>\n<div>To upgrade and maintain the confidentiality, creditability, and integrity of the information using the latest encryption software<\/div>\n<\/li>\n<li>\n<h3>Item No. 9<\/h3>\n<p>Remote Access<\/p>\n<div>Establishment of security precautions and mechanisms to be taken to prevent access to the bank\u2019s internal network using remote access.<\/div>\n<\/li>\n<li>\n<h3>Item No. 10<\/h3>\n<p>Systems development and maintenance<\/p>\n<div>Analyze, maintain and upgrade the current system in place to ensure building security. The mechanisms focus on peacekeeping, security, encryption, data and configuration.<\/div>\n<\/li>\n<li>\n<h3>Item No. 11<\/h3>\n<p>Antivirus<\/p>\n<div>Analyze the procedures and software for anti-virus and anti-spam software.<\/div>\n<\/li>\n<li>\n<h3>Item No. 12<\/h3>\n<p>Backup<\/p>\n<div>\n<p><span>Establish procedures to backup copies of data, storage media and information security.<\/span><\/p>\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 13<\/h3>\n<p>Incident Response<\/p>\n<div>\n<p><span>Procedure to learn, monitor and reduce time of security breaches and breakdowns in the system operations to reduce direct or indirect damage to the\u00a0<\/span>CBL<span>\u00a0and the public.<\/span><\/p>\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 14<\/h3>\n<p> Security of networks and facilities<\/p>\n<div>\n<p><span>Protect networks from eavesdropping, spying, theft, disruption, and unwanted modification.<\/span><\/p>\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 15<\/h3>\n<p>Continuity of workflow management<\/p>\n<div>\n<p><span>Protection of sensitive business tasks and information in the event of a crisis or disaster such as fires or earthquakes.<\/span><\/p>\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 16<\/h3>\n<p>Security of wireless communications<\/p>\n<div>\n<p><span>Emphasis on proper mobile network encryption.<\/span><\/p>\n<\/div>\n<\/li>\n<li>\n<h3>Item No. 17<\/h3>\n<p>Network Security Monitoring<\/p>\n<div>\n<p><span>Allow limited access to the information network through the development of a separate network to the public. This network is separated from the internal network to help protect it from malicious attacks.<\/span><\/p>\n<\/div>\n<\/li>\n<\/ul>\n<p><!--more--><br \/>\n<!-- {\"type\":\"layout\",\"children\":[{\"type\":\"section\",\"props\":{\"class\":\"uk-background-gradient\",\"image_position\":\"center-center\",\"style\":\"default\",\"title_breakpoint\":\"xl\",\"title_position\":\"top-left\",\"title_rotation\":\"left\",\"vertical_align\":\"middle\",\"width\":\"default\"},\"children\":[{\"type\":\"row\",\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\"},\"children\":[{\"type\":\"text\",\"props\":{\"column_breakpoint\":\"m\",\"content\":\"Information is one of the most important elements of business management at the Central Bank of Libya. Information systems, databases, and communication networks of the world have become the basis for the banking sector from the industrial age to the new current age of technology. Information security is at the core of the Central Bank which plays an important role in the protection of assets, interests and information. Initiated by the Governor of the Central Bank of Libya in 2008, the CBL has adopted a plan based on international standards to upgrade the protection of privacy information and assets using technical and human resources.\\n\\n\",\"margin\":\"default\"}},{\"type\":\"headline\",\"props\":{\"content\":\"The terms of the security plan consists of the following:\\n\\n\\n\",\"title_element\":\"h2\",\"title_style\":\"text-lead\"}},{\"type\":\"description_list\",\"props\":{\"class\":\"description-list\",\"column_breakpoint\":\"m\",\"layout\":\"grid-2\",\"list_element\":\"ul\",\"list_marker\":\"bullet\",\"list_marker_color\":\"primary\",\"margin\":\"medium\",\"meta_align\":\"above-content\",\"meta_style\":\"h4\",\"show_content\":true,\"show_link\":true,\"show_meta\":true,\"show_title\":true,\"title_colon\":false,\"title_element\":\"div\",\"title_grid_breakpoint\":\"m\",\"title_grid_column_gap\":\"medium\",\"title_grid_row_gap\":\"collapse\",\"title_grid_width\":\"auto\",\"title_style\":\"h4\"},\"children\":[{\"type\":\"description_list_item\",\"props\":{\"content\":\"To determine the responsibilities and duties towards information security concerning employees, managers, and contractors.\\n\",\"meta\":\"Information security concerning employees, managers, and contractors\",\"title\":\"Item No. 1\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Classification of the assets of the bank and determine the required levels of protection using international standards. Item No.\\n\",\"meta\":\"Classification of the assets of the bank \",\"title\":\"Item No. 2\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\" Implement additional security protocols of entry and access to bank facilities, including sensitive equipment, information  systems and databases.\",\"meta\":\"Upgrade security access to bank facilities\",\"title\":\"Item No. 3\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"The establishment of the passwords and other security related responsibilities.\",\"meta\":\"Password Management\",\"title\":\"Item No. 4\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Identifying facilities to protect and prevent unauthorized access, information theft, equipment theft and disruption of work or eavesdropping. Also, protecting infrastructure equipment such as fire equipment and air conditioners.\",\"meta\":\"Physical and environmental security\",\"title\":\"Item No. 5\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"The establishment of protocols to protect E-mails and databases. Email is the largest distributor of viruses and spam which needs mechanisms and procedures to make sure data is not corrupted or stolen. Item No.\",\"meta\":\"E-Mail Security\",\"title\":\"Item No. 6\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Introduction of mechanisms to reduce human error, theft, embezzlement and corruption.\",\"meta\":\"Upgrade Encryption\",\"title\":\"Item No. 7\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"To upgrade and maintain the confidentiality, creditability, and integrity of the information using the latest encryption software\",\"meta\":\"Upgrade Encryption\",\"title\":\"Item No. 8\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Establishment of security precautions and mechanisms to be taken to prevent access to the bank\\u2019s internal network using remote access.\",\"meta\":\"Remote Access\",\"title\":\"Item No. 9\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Analyze, maintain and upgrade the current system in place to ensure building security. The mechanisms focus on peacekeeping, security, encryption, data and configuration.\",\"meta\":\"Systems development and maintenance\",\"title\":\"Item No. 10\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"Analyze the procedures and software for anti-virus and anti-spam software.\",\"meta\":\"Antivirus\",\"title\":\"Item No. 11\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Establish procedures to backup copies of data, storage media and information security.<\\\/span><\\\/p>\",\"meta\":\"Backup\",\"title\":\"Item No. 12\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Procedure to learn, monitor and reduce time of security breaches and breakdowns in the system operations to reduce direct or indirect damage to the\\u00a0<\\\/span>CBL<span>\\u00a0and the public.<\\\/span><\\\/p>\",\"meta\":\"Incident Response\",\"title\":\"Item No. 13\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Protect networks from eavesdropping, spying, theft, disruption, and unwanted modification.<\\\/span><\\\/p>\",\"meta\":\" Security of networks and facilities\",\"title\":\"Item No. 14\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Protection of sensitive business tasks and information in the event of a crisis or disaster such as fires or earthquakes.<\\\/span><\\\/p>\",\"meta\":\"Continuity of workflow management\",\"title\":\"Item No. 15\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Emphasis on proper mobile network encryption.<\\\/span><\\\/p>\",\"meta\":\"Security of wireless communications\",\"title\":\"Item No. 16\"}},{\"type\":\"description_list_item\",\"props\":{\"content\":\"\n\n<p><span>Allow limited access to the information network through the development of a separate network to the public. This network is separated from the internal network to help protect it from malicious attacks.<\\\/span><\\\/p>\",\"meta\":\"Network Security Monitoring\",\"title\":\"Item No. 17\"}}]}]}]}]}],\"version\":\"4.0.7\",\"yooessentialsVersion\":\"1.7.2\"} --><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information is one of the most important elements of business management at the Central Bank of Libya. Information systems, databases, and communication networks of the world have become the basis for the banking sector from the industrial age to the new current age of technology. Information security is at the core of the Central Bank [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16375,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-8874","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/pages\/8874","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/comments?post=8874"}],"version-history":[{"count":53,"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/pages\/8874\/revisions"}],"predecessor-version":[{"id":21863,"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/pages\/8874\/revisions\/21863"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/media\/16375"}],"wp:attachment":[{"href":"https:\/\/cbl.gov.ly\/en\/wp-json\/wp\/v2\/media?parent=8874"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}