Cyber & Operational Resilience Framework (CORF)

In an era defined by rapid technological advancement, increased digital interconnectedness, and an ever-evolving sophisticated threat landscape, the resilience of the banking sector has become a national imperative. As the Central Bank of Kuwait (CBK), we recognize that our mandate to preserve monetary and financial stability must now be matched by an equally robust commitment to cyber resilience. A resilient banking system fosters a sustainable economic growth, enables digital leadership, public trust, and strengthens Kuwait’s competitiveness on the global stage.

The Cyber and Operational Resilience Framework represents the next step evolution in the CBK's regulatory strategy, moving from establishing foundational cybersecurity compliance under the Cybersecurity Framework (2020) to a "Resilience-first" and "Maturity-oriented" Regulatory model (2025). It reflects our resolve and determination to empower Regulated Entities not only to defend against cyber threats, but to anticipate, withstand, recover from, and adapt to disruptions with agility and confidence, reinforcing the resilience of the broader banking sector and financial ecosystem of the State of Kuwait.

The aim is to shape a resilient digital future. One that enables innovation, protects national interest, and secures Kuwait’s strategic edge in the international financial landscape.

• Cyber and Operational Resilience Framework (CORF)