.

A brief History of company's Establishment & Introduction

In its 151st meeting held on Nov. 27th 2012 (month Azar the 7th 1391 on Iranian Solar Calendar) the Money & Credit Council required the Central Bank of Iran (CBI) to establish "KASHEF": Banking Emergencies & Network Security Control in order to protect and promote the Payment Systems and Electronic Banking Security and to confront the internal and external threats to the country's banking system in a correct and in-time manner. Alongside the above mentioned activity, the CBI established KASHEF Company: the Secured Electronical Management in March the 9th 2014 (month Esfand the 18th 1392 on Iranian Solar Calendar) and had it officially registered at the Non-commercial Institutes and Companies Registration Department under Reg. Number: 451232 to reinforce technical abilities and to build an agile, knowledge-based Organization.

According to the content of the article 8th of 5th chapter of "Regulations supervising KASHEF Center Activities" approved by the "CBI's Information Security Strategic Council" in October 13th 2015 (month Mehr 21st 1394 on Iranian Solar Calendar): all tasks been assigned to the KASHEF center are transferred and re-assigned to the latter and therefore, KASHEF company is introduced as to be the executive body of the CBI's governance objectives in the field of "Banking Information Cyber Security Management and Direction".

The missions assigned to the company, enforced by the company's specialty, devotion and the existing legal tools turns it to be the only link between 'the policymakers and the organizations responsible for the information security' which assists KASHEF to play the role of a link with ever more easiness. Under luminance of co-operative interactions among all legal role-players of this field, KASHEF Co. is trying to be a responsible company, accomplishing part of CBI's governing tasks throughout country's monetary system and also bring about financial stability, security of properties and financial information of the citizens and act as a custodian of customers and stakeholders' rights in the country's monetary system.


Vision

"An effective knowledge-based organization bearing a constructive and value-adding role in the developing of a resilient and trustworthy environment for the banking cyber space."


KASHEF's Mission

Holding the topmost position of a CBI representative, KASHEF should monitor, evaluate and direct the security throughout banking services.


Detail of the Mission

The main components of KASHEF Co. missions in the banking system is defined as follows:

1- Developing and determining information security's requirements, strategies, policies and objectives,

2- Oversee the appropriate execution of the information security requirements, strategies, policies and objectives,

3- Developing Information Security Risk Management Framework,

4- Monitoring Information Security Risks,

5- Performing Research & Development in the field of Information Security,

6- Management and Co-ordination of Information Security related Incidents throughout banking system in a hierarchical structure and with the co-operation of active CERTs,

7- Designing and Providing an Incidents & Information Security Status Reporting System,

8- Co-operating with the country's Judicial, Legislative, Supervisory and Security Centers & Institutions; and with International & private Organizations and Associations, as well; in fields related to developing Laws, Regulations and handling Information Security Incidents,

9- Promoting and boosting the Security Awareness Level of the Banking System through publication, communication and sharing the information about/ related to threats, vulnerabilities and information security incidents,

10- Bring Co-ordination necessary to providing and presenting necessary training courses in the field of information security objectives, structures, macro policies, strategies and requirements.


Strategic Scopes of Activity

The strategic scopes, listed below, are basic fundamental territories which play pivotal role in the co-operations and orientations of KASHEF.

1- Confrontation with the Information Security Incidents,

2- Resilience and Security Management,

3- Supervision,

4- Train & Awareness,

5- Participation and Co-operation,

6- Research & Development.