The communications regulator, the Uganda Communications Commission (UCC) has asked financial technology (Fintech) companies to begin looking at investing in cyber security, not as an expense, but rather as an investment.
The call comes as incidences of cyber security threats have been on the rise due to digital transformation.
Although digital transformation has availed countless benefits, it has also presented enormous challenges as hackers continue to attack businesses with vulnerable systems. Over 40 billion shillings was lost in 2020 through hacking.
On Tuesday, the UCC held a “CEO cyber security breakfast meeting” under the theme, “Cyber security for Mobile financial services in the telecommunication Sector.”
Attended by Chief Executives from various financial technology companies that included; MTN, Airtel, Bank of Uganda, Uganda Bankers Association and Financial technology service providers, the event aimed to find remedies to cyber security related challenges.
Speaking at the event, the UCC Executive Director, Irene Kaggwa Sewankambo called on CEOs to invest heavily in cyber security in order not to fall victim.
“We need to invest in cyber security. We need to begin looking at it not as an expense, but rather an investment,” she said.
Mrs Kaggwa also called on Sector Executives to embrace information sharing in order to tackle the vice.
“As Communication sector, we need to work together [to address cyber threats]. Government cannot do it alone. We need to share information & expertise. To all of us, we need to work together, and embrace information sharing as CEOs,” she emphasized.
“To the licensees, don’t leave it to anyone. Your users on your network are also your weakest link. You will do all the strengthening of your systems, the human resources, the technology, but your end user might actually be the problem. We have seen many reports where persons have compromised devices and they are the source of attacks to other countries. But they are happily using their computers, and they don’t know that their computers have actually been taken over by someone who is using it to create an attack. You don’t know how the impact of such can have on your network. You can end up being blacklisted globally. So, help your users to understand the importance and how they can protect themselves,” she said.
The Executive Director Supervision in Bank of Uganda, Dr Tumubwine Twinemanzi said that any Institution, has got three components that include; the processes, the people and technology, adding that cyber security threats can affect any one of the three.
The first thing the financial sector regulator has done, Twinemanzi said is to pull cyber security out of the general categories of risk, and reclassify it as a unique risk that must be tackled, and also look at it outside the normal operation risk.
After COVID-19 pandemic outbreak, a significant number of financial transactions and services started being provided via digital platforms.
Though this was an advantage to many due to expansion of financial inclusion, it translated into increased risk from cyber threats.
As a result, Twinemanzi advised each Financial Institutions to formulate a more risk management framework around cyber security threats due to increased adoption of digital platforms providing financial services.
“That is why one of the guidelines we are working on both at the East African level, and Uganda is certain minimum requirement in the risk management framework to deal with cyber security threats in financial institutions,” said Twinemanzi.
Unlike in the past when financial transactions largely meant depositing and withdrawing money from the bank, today, the conduct of business has shifted as banks now also provide insurance services, and insurance companies also provide saving products among others.
As a result, Twinemanzi said Bank of Uganda has led and established the “Financial Sector Stability Forum” that includes; Bank of Uganda, Insurance Regulator, Retirement Benefits Authority, Deposit Protection Fund, Financial Intelligence Authority and Uganda Microfinance Regulatory Authority.
“The reason being that a threat from cyber security for example in insurance can potentially affect the Bank associated to the insurance company. The provident funds of that insurance company also be at risk, the Deposit Protection Fund might have to cash out some of the reserves to be able to pay your depositors who are losing money,” said Twinemanzi.
The Financial Sector Stability Forum, he said is to tackle a crisis simulation exercise, and how financial institutions can mitigate the impact of crises whether cyber in nature or not.
The MTN Uganda Chief Executive Officer, Wim Vanhelleputte said fraudsters today are not any different from thieves of 20 years ago, adding that the challenge faced is a digital form of what has always existed.
“We have got to embark on citizen sensitization. Fraudsters are very smart. Someone calls you and pretends to be from MTN, tricks you and you share your pin. Customers, don’t share your pin,” he said.
He noted that Uganda has one of the most sophisticated sim card registration models in the world which he commended for reducing the opportunities of fraudsters.
“You cannot buy a sim card in Uganda without a national ID, without biometric verification or the fingerprint. This has drastically and significantly reduced fraud opportunities. It shows that good regulation works. It might he painful for the operators and the customers to implement, but once we are all there, and we have a levelled playing field, it is very important. Sim card registration is a very good example of this regulation,” he said.
The post Invest In Cyber Security – UCC Tells Fintech Companies first appeared on ChimpReports.