Skip to main content

Addressing the IA of Hong Kong Guidelines on Cybersecurity Guidelines (GL20) with the CyberArk Identity Security Platform

This white paper explains how CyberArk Identity Security solutions can help you: • Achieve the key controls in the revised GL20 guidelines. • Secure all identities across all IT systems improving over

Download PDF

The Insurance Authority (IA) of Hong Kong Guidelines on Cybersecurity (GL20) sets the minimum standard for cybersecurity that Authorised Insurers (AIs) are expected to have in place and the general guiding principles which the IA uses in assessing the effectiveness of an insurer’s cybersecurity framework. With the exception of captive insurers and marine mutual insurers, the GL20 Guidelines applies to all authorised insurers in relation to the insurance business they carry on in or from Hong Kong. The revised GL20 Guidelines will be rolled out soon in 2024 Q1, will require Authorised Insurers to complete a set of assessments including Inherent Risk Assessment (“IRA”), Maturity Assessment (“MA”) and Threat Intelligence Based Attack Simulation (“TIBAS”)* by 2024 Q4. This supersedes the original 2020 GL20 Guidelines and contain a number of revisions and new recommendations that have arisen from fast changing landscape of emerging technologies and cybersecurity threats to stay current with the evolving cyber threat landscape and as a result to stay current with the evolving cyber threat landscape.

This white paper explains how CyberArk Identity Security solutions can help you:
•    Achieve the key controls in the revised GL20 guidelines.
•    Secure all identities across all IT systems improving overall security posture.
•    Detect and respond to high-risk activity.

You will learn:
•    The key components and capabilities of the CyberArk solution portfolio.
•    Where CyberArk solutions fit in various GL20 requirements.
•    How CyberArk solutions fulfil key GL20 controls.