BANK of Zambia governor Dr Denny Kalyalya says the financial services sector has to see cybersecurity for what it is, a large scale operational risk deserving the utmost attention.
During the cyber security in the financial services sector workshop yesterday, Dr Kalyalya in a speech read for him by deputy governor administration Dr Tukiya Kankasa Mabula said Information and Communication Technology (ICT) have over the years permeated all aspects of people’s lives and in particular, have become the mainstay of the world’s financial sector infrastructure.
He said while these ever emerging technologies such as digital transformation, Artificial Intelligence, Internet of Things, Cloud Computing, Enterprise Mobility and Mobile Banking have brought about efficiency and increased innovations, they have also exposed the financial services sector to cybercrime.
Some notable incidents of cybercrime include, the attack on the Central Bank of Bangladesh, Russian retail bank and seven banks in the United Kingdom.
“The financial services sector is a key target by criminals because it is the custodian of large amount of funds in the economy,” Dr Kalyalya said. “For this same reason, the financial services sector has to also deal with other types of risks, which among others include, fraud, extortion, money laundering, illicit financial flows, market manipulation, data theft, and currency attacks. With statistics showing an increase of cyber-attacks in the financial sector, the importance of ensuring that our institutions are cyber resilient cannot be over-emphasized. The financial services sector has to see cybersecurity for what it is, a large scale operational risk deserving the utmost attention and thus develop the necessary systems and cultures throughout the sector to deal with this risk.”
He said there was the need to nurture talent capable of addressing cyber security threats through prompt detection, investigation, reporting, prosecution and prevention.
Dr Kalyalya said cyber risks should be viewed from an enterprise-wide perspective.
“ICT, Security, Operations, Credit Control, Anti-Money Laundering and Fraud Investigation departments need to break down the various silos to facilitate faster detection and prevention of cyber financial crimes. No single department or function can be an island in this battle,” he said “In the same vein, no bank or financial institution can be an island. One financial institution brought down by a cyber-attack would impact other banks and could ultimately destabilize the entire financial sector. It is for this reason that I call upon all CEOs here present to ensure that Cyber Security is entrenched in our day-to-day operations and strategic plans.”
Dr Kalyalya said he was aware that other countries have set up Computer Incident Response Teams (CIRTs) for various industries, including the financial sector.
“It is high time that we seriously begin to consider setting up a financial sector CIRT in Zambia. I believe that the CIRT would, not only assist in ensuring that all financial institutions are collaborating and working as one in mitigating cyber risks, but also enable information sharing. I am therefore calling upon Bankers Association of Zambia to work with Bank of Zambia to ensure that this is achieved,” said Dr Kalyalya.
The workshop is being jointly conducted by the Macroeconomic and Financial Management Institute of Eastern and Southern Africa (MEFMI) and the Bank of Zambia.