By Ayesha Saba

Cybersecurity risks increased in Pakistan’s financial sector in 2025 as digital financial activity expanded rapidly, according to the Financial Stability Review 2025 released by the State Bank of Pakistan (SBP).

The report indicates that the growing adoption of digital banking, online transactions, and instant payment systems has significantly enhanced efficiency and accessibility, but it has also introduced new vulnerabilities related to cyber threats and data security. As financial institutions increasingly relied on digital platforms, the risk of cyberattacks, fraud, and data breaches became more pronounced.

The SBP noted that addressing cybersecurity risks remained a key priority for regulators and financial institutions during the year. In 2025, the central bank strengthened its oversight framework and introduced several initiatives aimed at improving the cyber resilience of the financial system. These measures were designed to protect both institutions and customers from emerging digital threats.

A major development highlighted in the report was the conduct of an industry-wide cybersecurity simulation exercise in January 2026, carried out in collaboration with financial institutions and relevant stakeholders. The exercise assessed both technical readiness and management response to cyber incidents, helping identify gaps and improve preparedness across the sector.

The report also pointed to the introduction of frameworks such as “Cyber Shield,” aimed at enhancing the overall security architecture of the financial ecosystem. In addition, the SBP issued technology risk management guidelines for payment institutions to strengthen governance, operational resilience, and data protection practices.

Awareness campaigns were also conducted to educate customers about cybersecurity risks, including fraud prevention and safe usage of digital financial services. These initiatives aimed to reduce vulnerabilities at the user level and contribute to a more secure digital environment.

The expansion of digital financial services, including mobile banking and instant payment systems such as Raast, played a key role in improving financial inclusion and transaction efficiency. However, the report emphasized that the rapid pace of digital adoption required continuous investment in cybersecurity infrastructure and risk management practices.

The SBP highlighted that financial institutions needed to remain vigilant and adopt proactive measures to address evolving cyber threats. This included upgrading technological systems, enhancing monitoring capabilities, and ensuring compliance with regulatory standards.

While risks increased alongside digital expansion, the report noted that the financial sector remained capable of managing cybersecurity challenges, supported by regulatory initiatives and ongoing improvements in risk management frameworks.

Credit: INP-WealthPk