As Hong Kong Banks Face a Fast-Approaching Cyber Security Deadline, PhishLine is Playing an Essential Role in Assuring Guidelines are Met


Posted by Mark Chapman—President and Founder • 6/23/2017


Milwaukee, WI, USA June 27, 2017 —PhishLine, a pioneer in the measured security awareness industry, is playing an essential role in helping Hong Kong Banks meet Cyber Resilience Assessment Framework (C-RAF) guidelines recently established by the Hong Kong Monetary Authority (HKMA).


Approximately thirty Hong Kong banks are required to meet the guidelines by September 30, 2017, with the remaining facing a December 31, 2018 deadline. One of China’s top ten lenders is putting their trust in PhishLine, which has agreements in place or pending with several noteworthy banks in the region.
C-RAF is an assessment tool that helps authorized institutions evaluate cyber resilience. It is one of the core pillars of the Cybersecurity Fortification Initiative (CFI) developed by the HKMA and identifies three areas of phishing and security awareness focus:


  • Cybersecurity training for bank employees—including cyber incident response, current cyber threats, such as phishing, spear phishing and social engineering, and emerging issues.
  • Training effectiveness for management—to ensure effectiveness of cyber resilience training for all levels of staff members.
  • Cybersecurity awareness training for management—to ensure that lessons learned from social engineering and phishing exercises are adequately included in cybersecurity awareness programs.


Many Asian companies turn to PhishLine for its groundbreaking, data-driven approach to comprehensive information security management. With a rapidly growing presence in the region, including the financial services sector, PhishLine is uniquely able to help clients successfully achieve compliance benchmarks and take their information security program to the next level.


“With many Hong Kong banks already working with PhishLine to meet HKMA C-RAF requirements, PhishLine is positioned to play an essential role in the banking community’s efforts to increase cybersecurity,” says Mark T. Chapman, PhishLine President and CEO. “Our long history working with some of the world’s largest banks and financial institutions uniquely qualifies us to serve the growing focus on security awareness in the Asian banking community.”