The latest Intergovernmental Fintech Working Group (IFWG) report highlights that increasing cyber threats present a material obstacle to the progress possible through technological advancements.
According to Danny Myburgh, Association of Certified Fraud Examiners’ Cyber Forensic Forum for South Africa, the most dominant types of cyber threats encountered are a combination of computer incidents and fraud. These include:
1. | Business email compromise – where attackers compromise a person’s online mail account and change account details. |
2. | Ransomware – the current the biggest cyber threat to an organisation. |
3. | Illegal access or hacking – often a result of weak password controls. |
The World Economic Forum’s Centre for Cybersecurity also reported that the global economic loss due to cybercrime is predicted to reach a staggering USD 3 trillion by 2020.
In South Africa, customer information is ranked by financial institutions as the top most valuable information to cyber criminals, followed by financial information and strategic plans. Data-related risk is therefore viewed by financial institutions as the main threat to anticipate. As a result, financial institutions clearly recognise the risk of cybersecurity threats.
From the workshop discussions, it is evident that there are various options that financial institutions can apply to prevent cyber breaches. However, the success of these methods can be enhanced by some key principles, including:
● | Continuous insight versus spot check-audits; |
● | A reality versus hypothetical view; |
● | Control frameworks that correspond to the modern threat landscape; and |
● | Translating cyber risk to a language that the board will appreciate and can act upon. |
Furthermore, government and regulators play an important role in helping the private sector prepare for and prevent cyberattacks.
As it is summarised in the report shows – “prevention is better than a cure”.
Click here to read the detail in the Fintech Working Group (IFWG) report.