Taylor Grossman, Research Analyst at Carnegie Endowment for International Peace, introduced the Cyber Resilience Tool Box designed to enhance the cyber resilience of small- and mid-sized financial organisations.
Although digital financial services hold great opportunities to enable financial inclusion and enhance people’s lives, financial institutions are facing growing cyber risks, internationally.
In this CSB#43, Taylor Grossman, Research Analyst, Cyber Policy Initiative at Carnegie Endowment for International Peace, introduced the Cyber Resilience Tool Box that Carnegie designed in 2019 to enhance the cyber resilience of small- and mid-sized financial organisations and strengthen the overall financial sector.
Throughout this Keynote, Taylor Grossman emphasized the importance of multi-stakeholders’ engagement in order to fill the existing gaps: “Amongst the 6 strategic priorities forming the foundation of the strategy, capacity building is a very foundational priority, fundamentally linked to financial inclusion efforts particularly in developing markets. It allows us to pursue the 3 strategy’s pillars that are:
1/ cyber resilience,
2/ international norms,
3/ collective response.”
Capacity building is necessary to strengthen the cybersecurity of smaller financial organisations and thus the resilience of the entire system.
Between 2014 and 2017, 515 million* adults have obtained an account with financial institutions worldwide. By 2030, mobile banking will have 2 billion users that would store money and make payments on their phones. This brings huge opportunities, however digital services and particularly mobile banking systems are very vulnerable to cyberattacks.
African markets have moved from traditional banking systems to digital financial services, particularly through mobile payment systems.
In many developing countries, mobile phones are feature phones, not smartphones, so a lot of them do not offer end-to-end encryption (in addition to the increasing number of sim swapping, trojans and phishing attacks) and people do not understand how to protect themselves against these new threats. This offers a nice playground for transnational cybercriminal activity. Cybercriminals have recognized this and tend to target these markets more frequently.
The banking sector in Africa lost USD 1.05 trillion as a result of cyberattacks.
“So much is happening in the African continent that we can all learn from”, the researcher stated. Combining forces, learning from each other, gathering evidences, implementing commission feedback will allow the understanding of the innovations that are happening.
*Source: Global Findex
The Keynote was followed by a Round Table with:
· Joyce Dogniez, Vice President, ISOC
· Christophe Bianco, CEO, Excellium Services
· Tegawendé Bissyandé, Chief Scientist SNT
· Thomas Lammar, Finance Inclusive / D4D / Secteur privé, Ministère des Affaires étrangères et européennes
· Bertrand Moupfouma, Co-Founder and VP LuxAfrica
The panelists discussed the importance of diversity in cybersecurity at multiple levels, from gender to skill diversity. Cooperation between Africa and Europe can help addressing this need.
Joyce Dogniez explained that “having local partners is essential” and will help achieving the 3 following objectives:
- Raising awareness amongst end-users (especially by increasing the understanding of the danger of mobile banking since transactions via mobile are growing in Africa)
- Raising awareness amongst middle- and higher-levels stakeholders
- Raising awareness amongst policymakers (by reflecting the risks when wrong policies are put in place)
Christophe Bianco agreed: “we need to leverage the different players and create a dynamic that benefits everyone. We are looking at the impact we can have”.
According to Bertrand Moupfouma, cooperation is key, “we have to work hand in hand and combine experiences between Luxembourg and Africa. There is no room to look for who’s bringing the light”.
“Building capacity in Africa can bring back to Europe. Africa can provide the number of professionals that the digital services’ continuous expansion requires”, Tegawendé Bissyandé supplemented.
Policies and regulations play a strategic role. “The African Union is aware about it and is working on it”, Bertrand Moupfouma said. “Luxembourg and Africa have an academic share on policies for inclusive finance”, Thomas Lammar added.
However, Tegawendé Bissyandé reminded the importance of providing the means to enforce those regulations: “you can set regulations but they will not be efficient if you don’t have the means to enforce them. You need to make sure people can actually implement them”.
2021 Business Partnership Facility: the call for projects has been launched
The objective of the BPF is to encourage the Luxembourg and European private sector to join forces with partners - public or private - that are active in developing countries in order to set up sustainable commercial projects.
Following the success of the first five editions of the GMP, a sixth call for projects has been launched on 01 March – including projects in the ICT (incl. cybersecurity) field.
Watch the full Cybersecurity Breakfast #43: