‘Get common platform to fight cyber attacks’
A banking consultant, Nana Otuo Acheampong, has advised banks to create a common defence mechanism to protect their operations against cyber attacks.
The banking consultant’s comments come after the launch of the Cyber and Information Security Directive for the Financial Services Industry by the Bank of Ghana (BoG).
Advertisement
“Now that BoG has issued this directive, my suggestion is that the banks should form a group and use that to counter the cyber attacks rather than dealing in silos, where everybody is trying to do their own.
“The expense is too high if you try to do it on your own. In an uncoordinated format, it can hit so many banks and that is why it is good for the banks to come together and fight as one body,” he added.
He said he would avail his expertise to the banks in leading efforts towards developing the financial services sector cyber firewall.
British example
When heeded and adopted, a common platform against cyber attacks in the country will be similar to what is being developed in Britain.
On October 18, 2018, the Financial Times newspaper reported that a group of Britain’s biggest banks and insurers planned to create a body to help to defend the financial system against the growing threat of cyber attacks.
It said the new body, which was due to be launched this month, would be called Financial Sector Cyber Collaboration Centre.
Advertisement
The paper explained that
Growing menace
His advice comes at a time when cyber attacks in Ghana are currently mirroring the strong growth of financial technology (Fintech) patronage, such as electronic banking, mobile money and other smartphone-based solutions.
A 2016 study found that there were more than 400,000 Malware incidents, 44 million Spam incidents and 280,000
In response to the threats, the Bank of Ghana (BoG) last Monday launched the cyber and information Security Directive for the Financial Services Industry.
Advertisement
It has seven objectives, including establishing the conduct and operational guidelines for the cyber and information security environment.
The directive also sets out procedures for governance, risk management, internal audit, asset management and cyber defence and response, among others.
In addition to other requirements, the directive mandates banks to appoint a cyber and information security officer (CISO) who will advise senior management and the board on cybersecurity issues.
The directive puts the onus of its implementation squarely on the board of directors and further calls for each board to appoint a sub-committee on cyber and information risks and countermeasures with a well-defined charter.
Advertisement
Strictly implement
Nana Acheampong further commended the central bank for “responding appropriately” to cyber-attacks and asked the regulated institutions to put in place the necessary mechanisms to implement the directive.
He said strict implementation of the directive would help to reduce the threats posed to banks.