FITC-NIBSS conference underscores need for cyber resilience in financial sector

15 Sep 2020
Financial Nigeria

Summary

CBN Deputy Governor, FSS, Aishah Ahmad, said the apex bank is committed to strengthening its regulatory and supervisory framework to boost the resilience of the financial system against cybercrime.

Managing Director/Chief Executive Officer of FITC, Chizor Malize

FITC and Nigeria Interbank Settlement System (NIBSS) Plc on Thursday held a virtual cybersecurity conference where thought leaders and industry experts in financial services, cybersecurity, technology and regulators shared knowledge and insights on curbing the rise in cybercrime. A panel of Nigerian and international experts discussed how to upscale the capacity of the Nigerian financial services sector to tackle emerging cybersecurity challenges.  

A statement sent to Financial Nigeria by FITC, a media partner for the FITC/NIBSS ThinkNnovation Conference 2020, says cybercrime has become a significant concern across the world, especially with the attendant monetary and reputational damage that is affecting governments, businesses and individuals. Emerging market are the worst hit due to weak corporate governance and processes.

FITC, a leading financial training organisation in Nigeria, said with the increase in digitisation, organisations are seeing a steady rise in the number of security breaches, with many organisations experiencing sophisticated and targeted cyberattacks. And as the number of cyberattacks increase, FITC said it takes more time and resources of organisations to resolve the attacks.

Against this backdrop, and FITC's innovation-led approach to value creation, the organisation said it collaborated with NIBSS to bridge the gap between cybersecurity risk and defensive effectiveness of financial institutions in Nigeria. The conference, touted as Africa’s largest virtual cybersecurity conference, was themed: Combating Cybercrime: Strategies for Strengthening Emerging Markets.

Deputy Governor, Financial System Stability (FSS), Central Bank of Nigeria (CBN), Aishah Ahmad, said the financial services sector is particularly susceptible to cyberattacks given its crucial role of financial intermediation in a highly connected financial system. Besides financial losses, Ahmad said the sector is also exposed to potential compromise and loss of customer data, and disruption of operations, which undermine stakeholders’ confidence in the financial system.

"As the world switched to social distancing and remote working, remote learning, remote shopping and electronic financial transactions, due to the impact of the COVID-19 pandemic, more opportunities have opened for cyber criminals to prey on unsuspecting citizens and businesses," said Mrs. Ahmad who is also Chairman of the Board of Directors of FITC.

Speaking further, the CBN Deputy Governor, FSS, said the apex bank is committed to strengthening its regulatory and supervisory framework to boost the resilience of the financial system against cybercrime. According to her, the CBN had issued a Risk-Based Cyber Security Framework for deposit money banks (DMBs) and payment service providers in 2018. The framework, amongst other things, prescribes annual cyber resilience self-assessments for proactive identification and remediation of weaknesses and mandatory incident reporting to normalize sharing of best practices across the industry.

"It is gratifying to note that most Nigerian banks have in place Security Operation Centres (SOCs) in line with global best practices, others have been encouraged to follow suit, whilst the CBN has also commenced the development of an industry wide SOC – CBN Cybersecurity Fusion Centre (C2FC) – to serve as a shared service platform for the financial sector, providing cyber intelligence gathering, analysis, dissemination and crisis response," Mrs. Ahmad said.

Managing Director/Chief Executive Officer of FITC, Chizor Malize, also made similar remarks in her opening remarks, stating that the pandemic has exacerbated cyberattacks in 2020. She said some of the increasing risks and threats facing organisations emanate from social engineering, ransomware, and security risks arising from the ubiquity and interoperability of devices.

Mrs. Malize thanked all the delegates from across the globe as she expressed her delight for the partnership with NIBSS to organise the virtual conference, which had over 1,000 delegates across five continents, 30 countries and 300 organisations. The virtual conference comprised of a networking arena, meeting lounge, exhibition booths, sponsors lounge, leadership boards and other features.   

"For over 15 years, FITC has published survey findings on fraud and forgery cases in the banking industry. Insights from these quarterly publications highlight the issue of cybercrime and the imperatives for players in the industry to build cybercrime-fighting capacity that is relevant for today’s sophisticated digital world," the MD/CEO of FITC said.  

Deputy Managing Director at NIBSS, Niyi Ajao, said the virtual conference was crucial for the banking industry as a way of guiding industry-wide cybersecurity development. Speaking on the theme, Cybersecurity and Financial Services: Imperatives, Risks and Controls, Ajao said electronic fraud, or e-fraud, is increasing due to the increase in financial inclusion and e-payment adoption. According to him, Nigerian fraud analysis shows moderate shift towards web and mobile channels.

Senior Director, Supervisory Guidance at Toronto Centre, Phang Hong Lim, gave the keynote address at the event. Toronto Centre is an independent non-profit organisation founded by the Canadian government, World Bank, and the Schulich School of Business to provide high-quality capacity building programmes for financial supervisors and regulators.

Lim shared some roadmaps to a more cyber-resilient financial sector. He emphasized the imperatives for banks to develop an effective control and response framework for cyber risk, including the implementation of general sound risk management practices to provide baseline cyber hygiene.

Chief Information Security Officer at Zenith Bank Plc, Festus Amede, said that rapid adoption of technology without adequate defence mechanisms as well as the pressure on financial institutions to keep costs low remain a major challenge facing the adoption and deployment of digital products.

"Most emerging markets have their data centre in-house; only very few are in the cloud. Even though cloud is where to be, you need to prepare before migrating to the cloud,” Amede said. “Account hijacking is also a major concern, especially with people using unsecured channels because of the challenges to grow the numbers. Using channels like USSD exposes bank customers a lot, as their SIM cards can be swapped, or your PIN harvested through phishing among other means."

Security and Compliance Specialist at Microsoft, Somi Ochuba, explained that as businesses embrace digital transformation, and compete with companies trying to develop their own technology, they would need to develop new digital capabilities using data and information. Ochuba said data and information are the lifeblood of organisations. However, they are also targets for criminal activities.

One of the participants, Joshua Attahgani who works with Federal Mortgage Bank of Nigeria, said the conference was a great experience for him. "It has been an interesting and engaging conference,” he remarked. Another participant, Ruth Didam who works with Bank of Agriculture, said the conference was one of her best virtual event experiences. She said, “FITC was able to take virtual learning to another amazing level. Looking forward to the 2021 conference.”

FITC – now over 39 years in existence – says it provides premium quality training, consulting and research services to the players in the financial services sector and related industries within Nigeria and increasingly across Africa.


Other Photos/Videos