Internet fraud: CBN to develop new security framework
As global cyber crime losses hit $600bn in 2017, the Central Bank of Nigeria (CBN) has said it is developing a risk-based cyber security framework for deposit money banks and payment service providers.
The CBN governor, Mr. Godwin Emefiele, stated this yesterday at the 2018 CBN-JP Morgan Chase cybersecurity conference held in Abuja.
Mr. Emefiele, who was represented at the event by Mrs. Aisha Ahmad, the CBN Deputy Governor, Financial System Stability (FSS), observed that the new conveniences of modern technology have ushered in complex security challenges and cybercrime.
These range from identity and intellectual property thefts, phishing, email spamming, virus dissemination, to sophisticated hacking and theft by digital crime syndicates.
“These developments have led to a significant rise in the global cost of cybercrime. McAfee and the Center for Strategic and International studies estimate this at over $600 billion in 2017, more than 20 percent higher than in 2014,” he noted.
According to him, “whilst a variety of organizations are exposed to cybercrime, the financial sector is particularly vulnerable given its crucial role of financial intermediation in a highly connected global financial system.”
He indicated that “a recent study by the IMF estimated that global annual losses from cyber-attacks may be close to 9 percent of banks’ net income or around $100 billion. And in a severe scenario, where the frequency of attacks is twice as high as currently experienced and with greater contagion, losses could be as high as $350bn,” he stated.
“The increasing cost, velocity and diversity of cyber-attacks has helped to elevate conversations about building robust defense systems to the forefront,” he noted.
The CBN, he said, “is committed to strengthening the regulatory and supervisory framework for cyber risk and encouraging realistic vulnerability testing and contingency planning for regulated institutions.”
“In partnership with stakeholders in the financial industry, we are developing a risk based cyber security framework for deposit money banks and payment service providers and internally, we have relied on instruments of automation, artificial intelligence and machine learning to address the cyber threat landscape we face,” he explained.
Also commenting, the Director, Information Technology Department, CBN, Mr. John Ayoh said internally, the CBN has examined the threats and is taking action, adding that it CBN has spoken to the American Reserve Bank and that of South Africa to understand what they are doing and gain from their experiences.
“We also realized that we have a unique situation in Nigeria. Most importantly, there is a cyber-capability model - C2M2 - that tells you what the gaps are. We looked into that and tried to benchmark ourselves with the best in financial services as far as cyber security is concerned.
“All the gaps we have are the ones we are trying to plug. Our plan is that by the end of 2018, we would have substantially addressed a lot of those gaps in three areas,” he explained.